Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,610 advisories

Loading
CometVisu Backend for openHAB has a path traversal vulnerability Moderate
CVE-2024-42468 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024
p- peuter
The InfoScan client download page can be intercepted with a proxy, to expose filenames located... Moderate Unreviewed
CVE-2024-42408 was published Aug 8, 2024
Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The... Moderate Unreviewed
CVE-2024-7061 was published Aug 7, 2024
Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The... Moderate Unreviewed
CVE-2024-37403 was published Aug 7, 2024
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2024-7564 was published Aug 6, 2024
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-7551 was published Aug 6, 2024
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue... Moderate Unreviewed
CVE-2024-7458 was published Aug 5, 2024
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the... Moderate Unreviewed
CVE-2024-7323 was published Aug 2, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected... Moderate Unreviewed
CVE-2024-38878 was published Aug 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-38772 was published Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-38768 was published Aug 1, 2024
Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A... Moderate Unreviewed
CVE-2024-37129 was published Jul 31, 2024
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-27871 was published Jul 30, 2024
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-27887 was published Jul 30, 2024
SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files. Moderate Unreviewed
CVE-2024-42007 was published Jul 26, 2024
ICEcoder Path Traversal vulnerability Moderate
CVE-2024-41373 was published for icecoder/icecoder (Composer) Jul 26, 2024
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared... Moderate Unreviewed
CVE-2024-7080 was published Jul 24, 2024
A vulnerability classified as problematic was found in Gargaj wuhu up to... Moderate Unreviewed
CVE-2024-6949 was published Jul 21, 2024
The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in... Moderate Unreviewed
CVE-2024-3934 was published Jul 20, 2024
Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a... Moderate Unreviewed
CVE-2024-40617 was published Jul 17, 2024
SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php. Moderate Unreviewed
CVE-2024-39036 was published Jul 16, 2024
The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all... Moderate Unreviewed
CVE-2024-5852 was published Jul 16, 2024
@jmondi/url-to-png contains a Path Traversal vulnerability Moderate
CVE-2024-39918 was published for @jmondi/url-to-png (npm) Jul 15, 2024
realArcherL
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows.... Moderate Unreviewed
CVE-2024-6746 was published Jul 15, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-39741 was published Jul 15, 2024
ProTip! Advisories are also available from the GraphQL API