Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

266 advisories

Loading
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute... High Unreviewed
CVE-2025-62552 was published Dec 9, 2025
RCE via ZipSlip and symbolic links in argoproj/argo-workflows High
CVE-2025-66626 was published for github.com/argoproj/argo-workflows (Go) Dec 9, 2025
cristianstaicu meenakshisl
Credited to cristianstaicu and meenakshisl
In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from... Moderate Unreviewed
CVE-2016-20023 was published Dec 5, 2025
There is a relative path traversal vulnerability in the NI System Web Server that may result in... High Unreviewed
CVE-2025-12097 was published Dec 4, 2025
WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated... High Unreviewed
CVE-2025-13771 was published Nov 28, 2025
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site... Moderate Unreviewed
CVE-2025-66386 was published Nov 28, 2025
In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to... Critical Unreviewed
CVE-2024-47856 was published Nov 25, 2025
LF Edge eKuiper is vulnerable to Arbitrary File Read/Write via unsanitized names and zip extraction Critical
GHSA-rj4j-2jph-gg43 was published for github.com/lf-edge/ekuiper/v2 (Go) Nov 24, 2025
odaysec ptrgits
Credited to odaysec and ptrgits
A Path Traversal vulnerability has been identified in the Email Security appliance allows an... Moderate Unreviewed
CVE-2025-40605 was published Nov 20, 2025
Astro Development Server has Arbitrary Local File Read Low
CVE-2025-64757 was published for astro (npm) Nov 19, 2025
monizb Princesseuh
delucis ematipico
Credited to monizb, Princesseuh, delucis, and ematipico
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown... Moderate Unreviewed
CVE-2025-13199 was published Nov 15, 2025
PrivateBin's template-switching feature allows arbitrary local file inclusion through path traversal Moderate
CVE-2025-64714 was published for privatebin/privatebin (Composer) Nov 14, 2025
esnard elrido
rugk
Credited to esnard, elrido, and rugk
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0... Critical Unreviewed
CVE-2025-64446 was published Nov 14, 2025
IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability,... High Unreviewed
CVE-2025-13161 was published Nov 14, 2025
A relative path traversal vulnerability has been reported to affect Download Station. If a remote... Low Unreviewed
CVE-2025-58463 was published Nov 7, 2025
A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker... High Unreviewed
CVE-2025-58464 was published Nov 7, 2025
Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00... Moderate Unreviewed
CVE-2025-46363 was published Oct 30, 2025
Apache Tomcat Vulnerable to Relative Path Traversal High
CVE-2025-55752 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 27, 2025
aruneko tkwilli94
Credited to aruneko and tkwilli94
A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software... High Unreviewed
CVE-2025-62498 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed
CVE-2025-60023 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... High Unreviewed
CVE-2025-58429 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed
CVE-2025-59776 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4... High Unreviewed
CVE-2025-58456 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4... High Unreviewed
CVE-2025-58078 was published Oct 24, 2025
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing... High Unreviewed
CVE-2025-11898 was published Oct 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database