GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
126 advisories
Filter by severity
The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers...
Low
Unreviewed
CVE-2024-46939
was published
Nov 28, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Low
Unreviewed
CVE-2024-37046
was published
Nov 22, 2024
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file...
Low
Unreviewed
CVE-2024-10672
was published
Nov 12, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload...
Low
Unreviewed
CVE-2024-20528
was published
Nov 6, 2024
cap-std doesn't fully sandbox all the Windows device filenames
Low
CVE-2024-51756
was published
for
cap-async-std
(Rust)
Nov 5, 2024
Lord of Large Language Models (LoLLMs) Server path traversal vulnerability in lollms_file_system.py
Low
CVE-2024-6971
was published
for
lollms
(pip)
Oct 11, 2024
Agnai vulnerable to Relative Path Traversal in Image Upload
Low
CVE-2024-47171
was published
for
agnai
(npm)
Sep 26, 2024
Agnai File Disclosure Vulnerability: JSON via Path Traversal
Low
CVE-2024-47170
was published
for
agnai
(npm)
Sep 26, 2024
Cross site scripting in Concrete CMS
Low
CVE-2024-8291
was published
for
concrete5/concrete5
(Composer)
Sep 25, 2024
Path traversal vulnerability in stripe-cli
Low
CVE-2024-45401
was published
for
github.com/stripe/stripe-cli
(Go)
Sep 5, 2024
Jenkins Report Info Plugin Path Traversal vulnerability
Low
CVE-2024-5273
was published
for
org.jenkins-ci.plugins:report-info
(Maven)
May 24, 2024
A path traversal vulnerability was reported in the Motorola Ready For application that could...
Low
Unreviewed
CVE-2023-41825
was published
May 3, 2024
JADX file override vulnerability
Low
GHSA-hvp5-5x4f-33fq
was published
for
io.github.skylot:jadx-core
(Maven)
Apr 22, 2024
phpMyFAQ Path Traversal in Attachments
Low
CVE-2024-29196
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic....
Low
Unreviewed
CVE-2024-1703
was published
Feb 21, 2024
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the...
Low
Unreviewed
CVE-2023-50955
was published
Feb 21, 2024
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its...
Low
Unreviewed
CVE-2024-22226
was published
Feb 12, 2024
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5...
Low
Unreviewed
CVE-2024-1433
was published
Feb 12, 2024
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Low
Unreviewed
CVE-2024-24940
was published
Feb 6, 2024
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary...
Low
Unreviewed
CVE-2023-50785
was published
Jan 25, 2024
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does...
Low
Unreviewed
CVE-2023-2252
was published
Jan 16, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low
Unreviewed
CVE-2023-40439
was published
Jan 11, 2024
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue...
Low
Unreviewed
CVE-2024-0341
was published
Jan 9, 2024
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal
Low
GHSA-qwf7-rv77-fcr3
was published
for
iodine
(RubyGems)
Jan 4, 2024
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API