Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

69 advisories

Loading
The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to,... Moderate Unreviewed
CVE-2024-2654 was published Apr 9, 2024
Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal. This issue... Moderate Unreviewed
CVE-2025-26876 was published Feb 25, 2025
Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This... High Unreviewed
CVE-2025-26935 was published Feb 25, 2025
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed
CVE-2025-26357 was published Feb 12, 2025
A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to... Moderate Unreviewed
CVE-2025-26353 was published Feb 12, 2025
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (copy endpoint) in Q-Free MaxTime... High Unreviewed
CVE-2025-26354 was published Feb 12, 2025
A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal... Moderate Unreviewed
CVE-2025-26352 was published Feb 12, 2025
A CWE-35 "Path Traversal" in the template download mechanism in Q-Free MaxTime less than or equal... Moderate Unreviewed
CVE-2025-26351 was published Feb 12, 2025
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (setActive endpoint) in Q-Free... High Unreviewed
CVE-2025-26356 was published Feb 12, 2025
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed
CVE-2025-26355 was published Feb 12, 2025
Improper handling of input variables lead to multiple path traversal vulnerabilities in the... High Unreviewed
CVE-2025-22205 was published Feb 4, 2025
A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in Poly Edge E devices.... Moderate Unreviewed
CVE-2025-0858 was published Feb 5, 2025
A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead... High Unreviewed
CVE-2024-41973 was published Nov 18, 2024
A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead... Moderate Unreviewed
CVE-2024-41972 was published Nov 18, 2024
Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP Local File Inclusion. This... High Unreviewed
CVE-2025-24685 was published Jan 27, 2025
Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP... High Unreviewed
CVE-2025-22786 was published Jan 15, 2025
A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify... Moderate Unreviewed
CVE-2024-12088 was published Jan 14, 2025
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc... Moderate Unreviewed
CVE-2024-12087 was published Jan 14, 2025
Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue... High Unreviewed
CVE-2024-49249 was published Jan 7, 2025
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue... Critical Unreviewed
CVE-2024-56045 was published Dec 31, 2024
Path Traversal: '.../...//' vulnerability in Themewinter Eventin allows Path Traversal.This issue... Moderate Unreviewed
CVE-2024-56213 was published Dec 31, 2024
Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allows Path Traversal.This... High Unreviewed
CVE-2024-56214 was published Dec 31, 2024
Some Huawei home music system products have a path traversal vulnerability. Successful... High Unreviewed
CVE-2023-7263 was published Dec 28, 2024
Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this... High Unreviewed
CVE-2023-7300 was published Dec 26, 2024
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue... High Unreviewed
CVE-2024-56049 was published Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database