GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
6,270 advisories
Filter by severity
Buildah allows arbitrary directory mount
Moderate
CVE-2024-9675
was published
for
github.com/containers/buildah
(Go)
Oct 9, 2024
Local File Inclusion vulnerability in pretix Widget WordPress plugin pretix-widget on Windows...
High
Unreviewed
CVE-2024-9575
was published
Oct 9, 2024
pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation...
High
Unreviewed
CVE-2024-47191
was published
Oct 9, 2024
Adguard Home arbitrary file read vulnerability
High
CVE-2024-36814
was published
for
github.com/AdguardTeam/AdGuardHome
(Go)
Oct 8, 2024
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker...
High
Unreviewed
CVE-2024-47010
was published
Oct 8, 2024
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with...
High
Unreviewed
CVE-2024-9381
was published
Oct 8, 2024
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was...
Moderate
Unreviewed
CVE-2024-47948
was published
Oct 8, 2024
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary...
Moderate
Unreviewed
CVE-2024-47949
was published
Oct 8, 2024
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker...
High
Unreviewed
CVE-2024-47011
was published
Oct 8, 2024
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker...
High
Unreviewed
CVE-2024-47009
was published
Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Moderate
Unreviewed
CVE-2024-47563
was published
Oct 8, 2024
Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs...
Critical
Unreviewed
CVE-2024-46446
was published
Oct 7, 2024
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled
Moderate
CVE-2024-45291
was published
for
phpoffice/phpspreadsheet
(Composer)
Oct 7, 2024
Saltcorn Server allows logged-in users to delete arbitrary files because of a path traversal vulnerability
High
CVE-2024-47818
was published
for
@saltcorn/server
(npm)
Oct 7, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-47309
was published
Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-47324
was published
Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-44034
was published
Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-47323
was published
Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-44018
was published
Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-44023
was published
Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-9146
was published
Oct 5, 2024
ProTip!
Advisories are also available from the
GraphQL API