Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,758
Maven
5,000+
npm
4,364
NuGet
766
pip
4,132
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,494 advisories

Loading
Weaviate OSS has path traversal vulnerability via the Shard Movement API High
CVE-2025-67819 was published for github.com/weaviate/weaviate (Go) Dec 12, 2025
The Simple CSV Table plugin for WordPress is vulnerable to Directory Traversal in all versions up... Moderate Unreviewed
CVE-2025-12960 was published Dec 12, 2025
The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to Path... Moderate Unreviewed
CVE-2025-13891 was published Dec 12, 2025
The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2025-14344 was published Dec 12, 2025
The WatchTowerHQ plugin for WordPress is vulnerable to arbitrary file read via the ... Moderate Unreviewed
CVE-2025-13972 was published Dec 12, 2025
The Player Leaderboard plugin for WordPress is vulnerable to Local File Inclusion in all versions... High Unreviewed
CVE-2025-12824 was published Dec 12, 2025
xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2024-58312 was published Dec 12, 2025
APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated... High Unreviewed
CVE-2024-58310 was published Dec 12, 2025
The WP Job Portal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to... Moderate Unreviewed
CVE-2025-14293 was published Dec 11, 2025
An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the... High Unreviewed
CVE-2025-66429 was published Dec 11, 2025
In JetBrains TeamCity before 2025.11 path traversal was possible via file upload Low Unreviewed
CVE-2025-67742 was published Dec 11, 2025
A weakness has been identified in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c.... Moderate Unreviewed
CVE-2025-14520 was published Dec 11, 2025
A security vulnerability has been detected in baowzh hfly up to... Moderate Unreviewed
CVE-2025-14521 was published Dec 11, 2025
SpinetiX Fusion Digital Signage 3.4.8 and lower contains an authenticated path traversal... High Unreviewed
CVE-2020-36883 was published Dec 10, 2025
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file deletion vulnerability in... High Unreviewed
CVE-2020-36898 was published Dec 10, 2025
Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that... High Unreviewed
CVE-2020-36893 was published Dec 10, 2025
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote... High Unreviewed
CVE-2025-56431 was published Dec 10, 2025
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote... High Unreviewed
CVE-2025-56430 was published Dec 10, 2025
Pyrofork has a Path Traversal in download_media Method Moderate
CVE-2025-67720 was published for pyrofork (pip) Dec 10, 2025
yueyueL
Credited to yueyueL
Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability Moderate
CVE-2025-67643 was published for org.jenkinsci.plugins:pipeline-reporter-by-redpen (Maven) Dec 10, 2025
A lack of security checks in the file import process of RHOPHI Analytics LLP Office App-Edit Word... Moderate Unreviewed
CVE-2025-65814 was published Dec 10, 2025
DataGear v5.5.0 is vulnerable to Arbitrary File Deletion. Critical Unreviewed
CVE-2025-65792 was published Dec 10, 2025
A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC,... Moderate Unreviewed
CVE-2025-65815 was published Dec 10, 2025
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,... High Unreviewed
CVE-2025-34395 was published Dec 10, 2025
Gogs vulnerable to a bypass of CVE-2024-55947 High
CVE-2025-8110 was published for gogs.io/gogs (Go) Dec 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database