Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,501 advisories

Loading
The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all... Critical Unreviewed
CVE-2024-13725 was published Feb 18, 2025
The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... Moderate Unreviewed
CVE-2025-25223 was published Feb 18, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-26779 was published Feb 17, 2025
A vulnerability classified as problematic has been found in Seventh D-Guard up to 20250206. This... Moderate Unreviewed
CVE-2025-1357 was published Feb 16, 2025
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this... Moderate Unreviewed
CVE-2025-1336 was published Feb 16, 2025
A vulnerability, which was classified as problematic, was found in CmsEasy 7.7.7.9. Affected is... Moderate Unreviewed
CVE-2025-1335 was published Feb 16, 2025
Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain... High Unreviewed
CVE-2025-25997 was published Feb 14, 2025
IBM Power Hardware Management Console V10.3.1050.0 could allow an authenticated user to traverse... Moderate Unreviewed
CVE-2024-56477 was published Feb 14, 2025
Label Studio has a Path Traversal Vulnerability via image Field High
CVE-2025-25295 was published for label-studio-sdk (pip) Feb 14, 2025
xbow-security
The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged... Critical Unreviewed
CVE-2025-1127 was published Feb 13, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-47265 was published Feb 13, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2024-47266 was published Feb 13, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-47264 was published Feb 13, 2025
The Campress theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... Critical Unreviewed
CVE-2024-10763 was published Feb 13, 2025
A vulnerability classified as problematic has been found in olajowon Loggrove up to... Moderate Unreviewed
CVE-2025-1228 was published Feb 13, 2025
Directory Traversal vulnerability in yeqifu carRental v.1.0 allows a remote attacker to obtain... High Unreviewed
CVE-2024-51376 was published Feb 13, 2025
In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper... High Unreviewed
CVE-2025-0332 was published Feb 12, 2025
In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205),... High Unreviewed
CVE-2024-11343 was published Feb 12, 2025
Directory Traversal vulnerability in Ianproxy v.0.1 and before allows a remote attacker to obtain... Moderate Unreviewed
CVE-2024-57777 was published Feb 12, 2025
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... High Unreviewed
CVE-2025-24406 was published Feb 11, 2025
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability ... Moderate Unreviewed
CVE-2024-36508 was published Feb 11, 2025
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to... Moderate Unreviewed
CVE-2024-11771 was published Feb 11, 2025
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on... Low Unreviewed
CVE-2025-0526 was published Feb 11, 2025
SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated... High Unreviewed
CVE-2025-25243 was published Feb 11, 2025
Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH.... Moderate Unreviewed
CVE-2024-8685 was published Feb 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database