Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,776 advisories

Loading
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-34787 was published Nov 13, 2024
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions... High Unreviewed
CVE-2024-10816 was published Nov 13, 2024
All versions of the package source-map-support are vulnerable to Directory Traversal in the... High Unreviewed
CVE-2024-21540 was published Nov 13, 2024
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0.... High Unreviewed
CVE-2024-46954 was published Nov 11, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50324 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50322 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50329 was published Nov 12, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-10626 was published Nov 9, 2024
In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path... High Unreviewed
CVE-2024-47742 was published Oct 21, 2024
changedetection.io path traversal using file URI scheme without supplying hostname High
CVE-2024-51998 was published for changedetection.io (pip) Nov 7, 2024
Erb3
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup... High Unreviewed
CVE-2023-21418 was published Nov 21, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del... High Unreviewed
CVE-2023-21415 was published Oct 16, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API... High Unreviewed
CVE-2023-21417 was published Nov 21, 2023
Moodle has CSRF risk in Feedback non-respondents report High
CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024
In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an... High Unreviewed
CVE-2024-47253 was published Nov 5, 2024
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File... High Unreviewed
CVE-2024-51582 was published Nov 4, 2024
A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and... High Unreviewed
CVE-2024-38449 was published Jun 17, 2024
OpenRefine has a path traversal in LoadLanguageCommand High
CVE-2024-49760 was published for org.openrefine:openrefine (Maven) Oct 24, 2024
Path traversal vulnerability in functional web frameworks High
CVE-2024-38816 was published for org.springframework:spring-webflux (Maven) Sep 13, 2024
Malayke AlexeyTsvetkov
Duplicate Advisory: Reposilite Arbitrary File Read vulnerability High
CVE-2024-36117 was published for com.reposilite:reposilite-backend (Maven) Aug 5, 2024 withdrawn
Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`) High
GHSA-82j3-hf72-7x93 was published for com.reposilite:reposilite-backend (Maven) Nov 4, 2024
artsploit
Hashicorp Consul Path Traversal vulnerability High
CVE-2024-10005 was published for github.com/hashicorp/consul (Go) Oct 31, 2024
Adguard Home arbitrary file read vulnerability High
CVE-2024-36814 was published for github.com/AdguardTeam/AdGuardHome (Go) Oct 8, 2024
itz-d0dgy
Path traversal in oak allows transfer of hidden files within the served root directory High
CVE-2024-49770 was published for @oakserver/oak (npm) Nov 1, 2024
NeKzor
An issue was discovered in Ollama before 0.1.46. It exposes which files exist on the server on... High Unreviewed
CVE-2024-39722 was published Oct 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database