GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,117 advisories
Filter by severity
A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited,...
High
Unreviewed
CVE-2024-7961
was published
Sep 12, 2024
An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of...
High
Unreviewed
CVE-2024-42501
was published
Sep 17, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13...
High
Unreviewed
CVE-2024-44167
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS...
High
Unreviewed
CVE-2024-27869
was published
Sep 17, 2024
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow...
High
Unreviewed
CVE-2021-3806
was published
May 24, 2022
Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to...
High
Unreviewed
CVE-2024-5158
was published
May 22, 2024
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support,...
High
Unreviewed
CVE-2024-0113
was published
Aug 12, 2024
phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component ...
High
Unreviewed
CVE-2024-44867
was published
Sep 10, 2024
Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7...
High
Unreviewed
CVE-2024-37728
was published
Sep 10, 2024
nix 2.24 through 2.24.5 allows directory traversal via a symlink in a nar file, because of...
High
Unreviewed
CVE-2024-45845
was published
Sep 10, 2024
A vulnerability has been discovered in Node.js version 20, specifically within the experimental...
High
Unreviewed
CVE-2023-30584
was published
Sep 7, 2024
SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component admin_safe...
High
Unreviewed
CVE-2024-44720
was published
Sep 9, 2024
A path traversal vulnerability allows an attacker with a low-privileged account and local access...
High
Unreviewed
CVE-2024-40712
was published
Sep 7, 2024
A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 allows...
High
Unreviewed
CVE-2024-6789
was published
Aug 27, 2024
Directory Traversal vulnerability in FME Modules customfields v.2.2.7 and before allows a remote...
High
Unreviewed
CVE-2024-33274
was published
Apr 30, 2024
Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute...
High
Unreviewed
CVE-2024-34656
was published
Sep 4, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions...
High
Unreviewed
CVE-2023-51366
was published
Sep 6, 2024
Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal...
High
Unreviewed
CVE-2024-7693
was published
Aug 12, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Sensitive information is...
High
Unreviewed
CVE-2024-45175
was published
Sep 5, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper user...
High
Unreviewed
CVE-2024-45178
was published
Sep 5, 2024
Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal.
High
Unreviewed
CVE-2023-36667
was published
Nov 9, 2023
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Directory...
High
Unreviewed
CVE-2024-8104
was published
Sep 4, 2024
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High
Unreviewed
CVE-2021-20124
was published
May 24, 2022
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High
Unreviewed
CVE-2021-20123
was published
May 24, 2022
Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to...
High
Unreviewed
CVE-2024-5865
was published
Jul 2, 2024
ProTip!
Advisories are also available from the
GraphQL API