GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
585 advisories
Filter by severity
Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability...
Critical
Unreviewed
CVE-2023-52333
was published
Nov 22, 2024
Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This...
Critical
Unreviewed
CVE-2023-51639
was published
Nov 22, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of...
Critical
Unreviewed
CVE-2024-11311
was published
Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of...
Critical
Unreviewed
CVE-2024-11312
was published
Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of...
Critical
Unreviewed
CVE-2024-11313
was published
Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of...
Critical
Unreviewed
CVE-2024-11314
was published
Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of...
Critical
Unreviewed
CVE-2024-11315
was published
Nov 18, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due...
Critical
Unreviewed
CVE-2024-11150
was published
Nov 13, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical
Unreviewed
CVE-2024-46888
was published
Nov 12, 2024
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is...
Critical
Unreviewed
CVE-2024-10470
was published
Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-10625
was published
Nov 9, 2024
Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path...
Critical
Unreviewed
CVE-2024-39332
was published
Oct 31, 2024
A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The...
Critical
Unreviewed
CVE-2024-5982
was published
Oct 29, 2024
An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows...
Critical
Unreviewed
CVE-2024-37847
was published
Oct 25, 2024
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow...
Critical
Unreviewed
CVE-2024-41717
was published
Oct 23, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-49286
was published
Oct 20, 2024
The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File...
Critical
Unreviewed
CVE-2019-25213
was published
Oct 16, 2024
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up...
Critical
Unreviewed
CVE-2024-9047
was published
Oct 12, 2024
Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs...
Critical
Unreviewed
CVE-2024-46446
was published
Oct 7, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-44014
was published
Oct 5, 2024
The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-8671
was published
Sep 24, 2024
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10...
Critical
Unreviewed
CVE-2024-33109
was published
Sep 19, 2024
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to...
Critical
Unreviewed
CVE-2024-8963
was published
Sep 19, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46376
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46375
was published
Sep 18, 2024
ProTip!
Advisories are also available from the
GraphQL API