GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,972
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,238
npm 3,741
NuGet 668
pip 3,422
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,197

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,333 advisories

Filter by severity

Sort by

Least recently updated

When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided... Moderate Unreviewed

CVE-2024-6759 was published Aug 12, 2024

The InfoScan client download page can be intercepted with a proxy, to expose filenames located... Moderate Unreviewed

CVE-2024-42408 was published Aug 8, 2024

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The... Moderate Unreviewed

CVE-2024-7061 was published Aug 7, 2024

Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The... Moderate Unreviewed

CVE-2024-37403 was published Aug 7, 2024

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This... Moderate Unreviewed

CVE-2024-7564 was published Aug 6, 2024

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic.... Moderate Unreviewed

CVE-2024-7551 was published Aug 6, 2024

A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue... Moderate Unreviewed

CVE-2024-7458 was published Aug 5, 2024

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the... Moderate Unreviewed

CVE-2024-7323 was published Aug 2, 2024

A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected... Moderate Unreviewed

CVE-2024-38878 was published Aug 2, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2024-38772 was published Aug 1, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2024-38768 was published Aug 1, 2024

Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A... Moderate Unreviewed

CVE-2024-37129 was published Jul 31, 2024

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma... Moderate Unreviewed

CVE-2024-27871 was published Jul 30, 2024

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma... Moderate Unreviewed

CVE-2024-27887 was published Jul 30, 2024

SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files. Moderate Unreviewed

CVE-2024-42007 was published Jul 26, 2024

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared... Moderate Unreviewed

CVE-2024-7080 was published Jul 24, 2024

A vulnerability classified as problematic was found in Gargaj wuhu up to... Moderate Unreviewed

CVE-2024-6949 was published Jul 21, 2024

The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in... Moderate Unreviewed

CVE-2024-3934 was published Jul 20, 2024

Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a... Moderate Unreviewed

CVE-2024-40617 was published Jul 17, 2024

SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php. Moderate Unreviewed

CVE-2024-39036 was published Jul 16, 2024

The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all... Moderate Unreviewed

CVE-2024-5852 was published Jul 16, 2024

A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows.... Moderate Unreviewed

CVE-2024-6746 was published Jul 15, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to... Moderate Unreviewed

CVE-2024-39741 was published Jul 15, 2024

StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows Directory Traversal by... Moderate Unreviewed

CVE-2024-31947 was published Jul 13, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2024-38716 was published Jul 12, 2024

Previous 1 2 3 4 5 6 7 … 93 94 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,333 advisories