GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
204 advisories
A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and...
Moderate
Unreviewed
CVE-2025-22859
was published
May 13, 2025
A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS...
High
Unreviewed
CVE-2025-24350
was published
Apr 30, 2025
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows...
Moderate
Unreviewed
CVE-2025-24343
was published
Apr 30, 2025
DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.
Low
Unreviewed
CVE-2023-35816
was published
Apr 28, 2025
In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was...
Moderate
Unreviewed
CVE-2025-46433
was published
Apr 25, 2025
In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite...
Moderate
Unreviewed
CVE-2025-43016
was published
Apr 25, 2025
Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an...
High
Unreviewed
CVE-2025-32409
was published
Apr 8, 2025
Relative Path Traversal vulnerability in Cristián Lávaque s2Member allows Path Traversal. This...
Moderate
Unreviewed
CVE-2025-32137
was published
Apr 4, 2025
A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0...
Critical
Unreviewed
CVE-2023-40714
was published
Apr 2, 2025
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary...
High
Unreviewed
CVE-2025-2007
was published
Apr 1, 2025
An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform...
High
Unreviewed
CVE-2024-9363
was published
Mar 20, 2025
A vulnerability in the sanitize_path function in parisneo/lollms-webui v10 - latest allows an...
Moderate
Unreviewed
CVE-2024-7058
was published
Mar 20, 2025
A path traversal vulnerability exists in the latest version of stangirard/quivr. This...
Moderate
Unreviewed
CVE-2024-6583
was published
Mar 20, 2025
A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs...
High
Unreviewed
CVE-2024-10513
was published
Mar 20, 2025
A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry)...
Moderate
Unreviewed
CVE-2024-10019
was published
Mar 20, 2025
The API used to interact with documents in the application contains two endpoints with a flaw...
High
Unreviewed
CVE-2024-54449
was published
Mar 14, 2025
The API used to interact with documents in the application contains a flaw that allows an...
High
Unreviewed
CVE-2024-12019
was published
Mar 14, 2025
The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path...
High
Unreviewed
CVE-2025-2056
was published
Mar 14, 2025
NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal...
High
Unreviewed
CVE-2025-23360
was published
Mar 11, 2025
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code...
High
Unreviewed
CVE-2025-26645
was published
Mar 11, 2025
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and...
Critical
Unreviewed
CVE-2025-23410
was published
Mar 5, 2025
Relative Path Traversal vulnerability in NotFound Delete Comments By Status allows PHP Local File...
High
Unreviewed
CVE-2025-25130
was published
Mar 3, 2025
IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion...
Moderate
Unreviewed
CVE-2024-56340
was published
Feb 28, 2025
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been...
Moderate
Unreviewed
CVE-2025-1599
was published
Feb 24, 2025
A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as...
Moderate
Unreviewed
CVE-2025-1588
was published
Feb 23, 2025
ProTip! Advisories are also available from the GraphQL API.