GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,015
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
6,281 advisories
Filter by severity
iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal
vulnerability. When the...
High
Unreviewed
CVE-2024-10313
was published
Oct 24, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Critical
CVE-2024-47883
was published
for
org.openrefine.dependencies:butterfly
(Maven)
Oct 24, 2024
RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php.
Moderate
Unreviewed
CVE-2024-48213
was published
Oct 24, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate
Unreviewed
CVE-2024-20379
was published
Oct 23, 2024
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow...
Critical
Unreviewed
CVE-2024-41717
was published
Oct 23, 2024
A post-authentication arbitrary file read vulnerability within the server plugins section in...
High
Unreviewed
CVE-2024-35308
was published
Oct 22, 2024
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8...
High
Unreviewed
CVE-2024-41713
was published
Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
firmware_loader: Block path...
High
Unreviewed
CVE-2024-47742
was published
Oct 21, 2024
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing...
High
Unreviewed
CVE-2024-10200
was published
Oct 21, 2024
An issue was discovered in Sangoma Asterisk through 18.20.0, 19.x and 20.x through 20.5.0, and 21...
High
Unreviewed
CVE-2024-49215
was published
Oct 21, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-49286
was published
Oct 20, 2024
A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The...
High
Unreviewed
CVE-2024-10100
was published
Oct 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-49287
was published
Oct 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-49285
was published
Oct 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-49315
was published
Oct 17, 2024
Path traversal in redaxo
Moderate
CVE-2024-46212
was published
for
redaxo/source
(Composer)
Oct 16, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-49245
was published
Oct 16, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-47645
was published
Oct 16, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-47351
was published
Oct 16, 2024
SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code...
High
Unreviewed
CVE-2024-45711
was published
Oct 16, 2024
The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File...
Critical
Unreviewed
CVE-2019-25213
was published
Oct 16, 2024
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the...
Moderate
Unreviewed
CVE-2024-9676
was published
Oct 15, 2024
Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy
Critical
CVE-2024-48914
was published
for
@vendure/asset-server-plugin
(npm)
Oct 15, 2024
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter,...
High
Unreviewed
CVE-2024-9983
was published
Oct 15, 2024
SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path...
High
Unreviewed
CVE-2024-46898
was published
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API