GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,532

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,335 advisories

Filter by severity

Sort by

Least recently updated

CMSeasy 7.7.7.9 is vulnerable to code execution. Moderate Unreviewed

CVE-2024-32163 was published Apr 17, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2023-52144 was published Apr 15, 2024

A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been rated as critical.... Moderate Unreviewed

CVE-2024-3737 was published Apr 13, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2024-31287 was published Apr 10, 2024

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed

CVE-2024-31487 was published Apr 9, 2024

An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed

CVE-2023-47541 was published Apr 9, 2024

Vulnerability of file path verification being bypassed in the email module. Impact: Successful... Moderate Unreviewed

CVE-2023-52544 was published Apr 8, 2024

A vulnerability was found in Dreamer CMS up to 4.1.3.0. It has been declared as critical.... Moderate Unreviewed

CVE-2024-3311 was published Apr 4, 2024

The HCL BigFix Inventory server is vulnerable to path traversal which enables an attacker to read... Moderate Unreviewed

CVE-2024-23540 was published Apr 3, 2024

A vulnerability, which was classified as critical, was found in NUUO NVRmini 2 up to 3.0.8.... Moderate Unreviewed

CVE-2016-15038 was published Apr 1, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2024-30492 was published Mar 29, 2024

A vulnerability was found in Qdrant up to 1.6.1/1.7.4/1.8.2 and classified as critical. This... Moderate Unreviewed

CVE-2024-3078 was published Mar 29, 2024

Path Traversal in Sonatype IQ Server from version 143 allows remote authenticated attackers to... Moderate Unreviewed

CVE-2024-1142 was published Mar 21, 2024

Directory Traversal vulnerability in Speedy11CZ MCRPX v.1.4.0 and before allows a local attacker... Moderate Unreviewed

CVE-2024-24043 was published Mar 19, 2024

A path traversal vulnerability exists in GoAnywhere MFT prior to 7.4.2 which allows attackers to... Moderate Unreviewed

CVE-2024-25156 was published Mar 14, 2024

An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in... Moderate Unreviewed

CVE-2024-22398 was published Mar 14, 2024

Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing... Moderate Unreviewed

CVE-2024-25154 was published Mar 13, 2024

Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool... Moderate Unreviewed

CVE-2024-1303 was published Mar 12, 2024

Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier,... Moderate Unreviewed

CVE-2024-27279 was published Mar 12, 2024

A path traversal vulnerability has been reported to affect Photo Station. If exploited, the... Moderate Unreviewed

CVE-2023-47221 was published Mar 8, 2024

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma... Moderate Unreviewed

CVE-2024-23216 was published Mar 8, 2024

A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an... Moderate Unreviewed

CVE-2024-20345 was published Mar 6, 2024

Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain... Moderate Unreviewed

CVE-2024-27765 was published Mar 6, 2024

There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful... Moderate Unreviewed

CVE-2024-25614 was published Mar 5, 2024

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote... Moderate Unreviewed

CVE-2023-38366 was published Mar 1, 2024

Previous 1 2 … 7 8 9 10 11 … 93 94 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,335 advisories