Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,742
Maven
5,000+
npm
4,339
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,447 advisories

Loading
Pyrofork has a Path Traversal in download_media Method Moderate
CVE-2025-67720 was published for pyrofork (pip) Dec 10, 2025
yueyueL
Credited to yueyueL
Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability Moderate
CVE-2025-67643 was published for org.jenkinsci.plugins:pipeline-reporter-by-redpen (Maven) Dec 10, 2025
A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC,... Moderate Unreviewed
CVE-2025-65815 was published Dec 10, 2025
A lack of security checks in the file import process of RHOPHI Analytics LLP Office App-Edit Word... Moderate Unreviewed
CVE-2025-65814 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,... High Unreviewed
CVE-2025-34395 was published Dec 10, 2025
Gogs vulnerable to a bypass of CVE-2024-55947 High
CVE-2025-8110 was published for gogs.io/gogs (Go) Dec 10, 2025
The Simple Download Counter plugin for WordPress is vulnerable to Path Traversal in all versions... Moderate Unreviewed
CVE-2025-13677 was published Dec 10, 2025
The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all... High Unreviewed
CVE-2025-13339 was published Dec 10, 2025
STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers... High Unreviewed
CVE-2021-47724 was published Dec 9, 2025
MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to... High Unreviewed
CVE-2023-53772 was published Dec 9, 2025
HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of... Moderate Unreviewed
CVE-2025-11531 was published Dec 9, 2025
Multiple Improper Limitations of a Pathname to a Restricted Directory ('Path Traversal')... High Unreviewed
CVE-2025-60024 was published Dec 9, 2025
Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote... High Unreviewed
CVE-2025-13661 was published Dec 9, 2025
Robocode vulnerable to Directory Traversal in recursivelyDelete Method Critical
CVE-2025-14306 was published for net.sf.robocode:robocode.core (Maven) Dec 9, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-14311 was published Dec 9, 2025
SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin High
GHSA-4r66-7rcv-x46x was published for github.com/siyuan-note/siyuan/kernel (Go) Dec 9, 2025
sebastianosrt
Credited to sebastianosrt
SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE High
CVE-2025-67488 was published for github.com/siyuan-note/siyuan/kernel (Go) Dec 9, 2025
MrRauL124
Credited to MrRauL124
NiceGUI has a path traversal in app.add_media_files() allows arbitrary file read High
CVE-2025-66645 was published for nicegui (pip) Dec 9, 2025
y4rvin evnchn
falkoschindler
Credited to y4rvin, evnchn, and falkoschindler
A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this... Moderate Unreviewed
CVE-2025-14224 was published Dec 8, 2025
A security vulnerability has been detected in ORICO CD3510 1.9.12. This affects an unknown... Moderate Unreviewed
CVE-2025-14220 was published Dec 8, 2025
A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability... Moderate Unreviewed
CVE-2025-14182 was published Dec 7, 2025
The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress... Critical Unreviewed
CVE-2025-13377 was published Dec 6, 2025
A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android.... Low Unreviewed
CVE-2025-14111 was published Dec 6, 2025
Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability.... High Unreviewed
CVE-2025-65879 was published Dec 5, 2025
zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In... High Unreviewed
CVE-2025-65897 was published Dec 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database