Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,994 advisories

Loading
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-3485 was published Jun 6, 2025
A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker... High Unreviewed
CVE-2025-33035 was published Jun 6, 2025
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-3055 was published Jun 5, 2025
Allows the extraction filter to be ignored, allowing symlink targets to point outside the... High Unreviewed
CVE-2025-4138 was published Jun 3, 2025
Allows the extraction filter to be ignored, allowing symlink targets to point outside the... High Unreviewed
CVE-2025-4330 was published Jun 3, 2025
A directory traversal vulnerability exists in the PVMP package unpacking functionality of... High Unreviewed
CVE-2025-31359 was published Jun 3, 2025
tar-fs can extract outside the specified dir with a specific tarball High
CVE-2025-48387 was published for tar-fs (npm) Jun 3, 2025
Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remote attacker to obtain... High Unreviewed
CVE-2025-27956 was published Jun 2, 2025
The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed
CVE-2025-4857 was published May 31, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-48273 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-47535 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-47603 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-47492 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-47512 was published May 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-31053 was published May 23, 2025
Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This... High Unreviewed
CVE-2025-3884 was published May 22, 2025
Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-3486 was published May 22, 2025
VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41229 was published May 20, 2025
setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write High
CVE-2025-47273 was published for setuptools (pip) May 19, 2025
SCH227
PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows... High Unreviewed
CVE-2025-40629 was published May 16, 2025
The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2024-13914 was published May 15, 2025
upset-gal-web v7.1.0 /api/music/v1/cover.ts contains an arbitrary file read vulnerabilit High Unreviewed
CVE-2025-28055 was published May 13, 2025
A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits... High Unreviewed
CVE-2024-4982 was published May 12, 2025
The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for... High Unreviewed
CVE-2025-2158 was published May 10, 2025
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin... High Unreviewed
CVE-2025-4206 was published May 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database