Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
Patch traversal, External Control of File Name or Path vulnerability in Iocharger Home allows... High Unreviewed
CVE-2024-43658 was published Jan 9, 2025
A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2023-20090 was published Nov 15, 2024
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue... Moderate Unreviewed
CVE-2024-7458 was published Aug 5, 2024
A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard... High Unreviewed
CVE-2024-20348 was published Apr 3, 2024
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2024-27764 was published Mar 6, 2024
cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/template_admin.php. Moderate Unreviewed
CVE-2024-25828 was published Feb 22, 2024
The permission model protects itself against path traversal attacks by calling path.resolve() on... High Unreviewed
CVE-2024-21896 was published Feb 20, 2024
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE Critical
CVE-2024-23897 was published for org.jenkins-ci.main:jenkins-core (Maven) Jan 24, 2024
sunSUNQ
Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read... Moderate Unreviewed
CVE-2023-34125 was published Jul 13, 2023
Path Traversal: 'dir/../../filename' in moment.locale High
CVE-2022-24785 was published for Moment.js (npm) Apr 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database