Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,014 advisories

Loading
Woodpecker's custom workspace allow to overwrite plugin entrypoint executable High
CVE-2024-41121 was published for go.woodpecker-ci.org/woodpecker (Go) Jul 19, 2024
TorchServe vulnerable to bypass of allowed_urls configuration Critical
CVE-2024-35198 was published for torchserve (pip) Jul 18, 2024
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the... Critical Unreviewed
CVE-2024-6164 was published Jul 18, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... High Unreviewed
CVE-2024-28993 was published Jul 17, 2024
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion... High Unreviewed
CVE-2024-23474 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... Critical Unreviewed
CVE-2024-23475 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... High Unreviewed
CVE-2024-28992 was published Jul 17, 2024
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This... Critical Unreviewed
CVE-2024-23472 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... Critical Unreviewed
CVE-2024-23467 was published Jul 17, 2024
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code... Critical Unreviewed
CVE-2024-23466 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... High Unreviewed
CVE-2024-23468 was published Jul 17, 2024
Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a... Moderate Unreviewed
CVE-2024-40617 was published Jul 17, 2024
SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php. Moderate Unreviewed
CVE-2024-39036 was published Jul 16, 2024
The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all... Moderate Unreviewed
CVE-2024-5852 was published Jul 16, 2024
Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-40524 was published Jul 16, 2024
@jmondi/url-to-png contains a Path Traversal vulnerability Moderate
CVE-2024-39918 was published for @jmondi/url-to-png (npm) Jul 15, 2024
realArcherL
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows.... Moderate Unreviewed
CVE-2024-6746 was published Jul 15, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-39741 was published Jul 15, 2024
StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows Directory Traversal by... Moderate Unreviewed
CVE-2024-31947 was published Jul 13, 2024
Local File Inclusion in Solara High
CVE-2024-39903 was published for solara (pip) Jul 12, 2024
sunriseXu
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of... High Unreviewed
CVE-2024-40550 was published Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in N... High Unreviewed
CVE-2024-38735 was published Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-38717 was published Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-38716 was published Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-38706 was published Jul 12, 2024
ProTip! Advisories are also available from the GraphQL API