GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
6,014 advisories
Filter by severity
Woodpecker's custom workspace allow to overwrite plugin entrypoint executable
High
CVE-2024-41121
was published
for
go.woodpecker-ci.org/woodpecker
(Go)
Jul 19, 2024
TorchServe vulnerable to bypass of allowed_urls configuration
Critical
CVE-2024-35198
was published
for
torchserve
(pip)
Jul 18, 2024
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the...
Critical
Unreviewed
CVE-2024-6164
was published
Jul 18, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information...
High
Unreviewed
CVE-2024-28993
was published
Jul 17, 2024
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion...
High
Unreviewed
CVE-2024-23474
was published
Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information...
Critical
Unreviewed
CVE-2024-23475
was published
Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information...
High
Unreviewed
CVE-2024-28992
was published
Jul 17, 2024
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This...
Critical
Unreviewed
CVE-2024-23472
was published
Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information...
Critical
Unreviewed
CVE-2024-23467
was published
Jul 17, 2024
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code...
Critical
Unreviewed
CVE-2024-23466
was published
Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information...
High
Unreviewed
CVE-2024-23468
was published
Jul 17, 2024
Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a...
Moderate
Unreviewed
CVE-2024-40617
was published
Jul 17, 2024
SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php.
Moderate
Unreviewed
CVE-2024-39036
was published
Jul 16, 2024
The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all...
Moderate
Unreviewed
CVE-2024-5852
was published
Jul 16, 2024
Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-40524
was published
Jul 16, 2024
@jmondi/url-to-png contains a Path Traversal vulnerability
Moderate
CVE-2024-39918
was published
for
@jmondi/url-to-png
(npm)
Jul 15, 2024
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows....
Moderate
Unreviewed
CVE-2024-6746
was published
Jul 15, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to...
Moderate
Unreviewed
CVE-2024-39741
was published
Jul 15, 2024
StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows Directory Traversal by...
Moderate
Unreviewed
CVE-2024-31947
was published
Jul 13, 2024
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of...
High
Unreviewed
CVE-2024-40550
was published
Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in N...
High
Unreviewed
CVE-2024-38735
was published
Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-38717
was published
Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-38716
was published
Jul 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-38706
was published
Jul 12, 2024
ProTip!
Advisories are also available from the
GraphQL API