GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,960
Composer 4,279
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,911

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

594 advisories

Filter by severity

Sort by

Least recently updated

F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory... Critical Unreviewed

CVE-2024-25830 was published Feb 29, 2024

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal... Critical Unreviewed

CVE-2024-23479 was published Feb 15, 2024

The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal... Critical Unreviewed

CVE-2024-23476 was published Feb 15, 2024

The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File... Critical Unreviewed

CVE-2024-26261 was published Feb 15, 2024

An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42... Critical Unreviewed

CVE-2023-40266 was published Feb 9, 2024

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is... Critical Unreviewed

CVE-2023-6989 was published Feb 6, 2024

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-0221 was published Feb 6, 2024

Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB,... Critical Unreviewed

CVE-2023-7077 was published Feb 5, 2024

Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal. Critical Unreviewed

CVE-2024-24482 was published Feb 2, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16... Critical Unreviewed

CVE-2024-0402 was published Jan 26, 2024

The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers... Critical Unreviewed

CVE-2023-6623 was published Jan 15, 2024

The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory... Critical Unreviewed

CVE-2023-6699 was published Jan 11, 2024

A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine... Critical Unreviewed

CVE-2023-47211 was published Jan 8, 2024

The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via... Critical Unreviewed

CVE-2023-5991 was published Dec 26, 2023

Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template... Critical Unreviewed

CVE-2023-46886 was published Nov 29, 2023

Path traversal in file upload functionality in `/main/webservices/additional_webservices.php` in... Critical Unreviewed

CVE-2023-3533 was published Nov 28, 2023

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after... Critical Unreviewed

CVE-2023-47246 was published Nov 10, 2023

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code... Critical Unreviewed

CVE-2023-35187 was published Oct 19, 2023

Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In... Critical Unreviewed

CVE-2023-39332 was published Oct 18, 2023

Insufficient path validation when extracting a zip archive in South River Technologies' Titan MFT... Critical Unreviewed

CVE-2023-45685 was published Oct 16, 2023

A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an... Critical Unreviewed

CVE-2023-41373 was published Oct 10, 2023

A?CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... Critical Unreviewed

CVE-2023-5399 was published Oct 4, 2023

SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed

CVE-2023-44170 was published Sep 27, 2023

SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed

CVE-2023-44169 was published Sep 27, 2023

SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed

CVE-2023-44171 was published Sep 27, 2023

Previous 1 2 3 4 5 6 7 … 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

594 advisories