Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,610 advisories

Loading
A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum... Moderate Unreviewed
CVE-2024-9032 was published Sep 20, 2024
czim/file-handling vulnerable to SSRF and directory traversal Moderate
CVE-2024-47049 was published for czim/file-handling (Composer) Sep 17, 2024
Contao affected by directory traversal in the file selector widget Moderate
CVE-2024-45604 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this... Moderate Unreviewed
CVE-2024-8875 was published Sep 16, 2024
OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality,... Moderate Unreviewed
CVE-2024-8778 was published Sep 16, 2024
A vulnerability, which was classified as problematic, has been found in xiaohe4966 TpMeCMS up to... Moderate Unreviewed
CVE-2024-8876 was published Sep 16, 2024
Composio Path Traversal vulnerability Moderate
CVE-2024-8865 was published for composio-core (pip) Sep 16, 2024
A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-8782 was published Sep 13, 2024
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 3.0.6. It has been... Moderate Unreviewed
CVE-2024-8707 was published Sep 12, 2024
A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-8706 was published Sep 12, 2024
A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This... Moderate Unreviewed
CVE-2024-8694 was published Sep 11, 2024
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed
CVE-2024-21753 was published Sep 10, 2024
Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file... Moderate Unreviewed
CVE-2024-8585 was published Sep 9, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions... Moderate Unreviewed
CVE-2024-21904 was published Sep 6, 2024
IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the... Moderate Unreviewed
CVE-2024-45074 was published Sep 4, 2024
A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. This... Moderate Unreviewed
CVE-2024-8409 was published Sep 4, 2024
A vulnerability classified as problematic was found in ABCD ABCD2 up to 2.2.0-beta-1. This... Moderate Unreviewed
CVE-2024-8410 was published Sep 4, 2024
Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access... Moderate Unreviewed
CVE-2024-34653 was published Sep 4, 2024
Directory traversal vulnerability in the cust module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-45443 was published Sep 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-43957 was published Aug 29, 2024
A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2024-8304 was published Aug 29, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a... Moderate Unreviewed
CVE-2024-7744 was published Aug 28, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-4556 was published Aug 28, 2024
A path traversal vulnerability exists in the Xiaomi File Manager application product... Moderate Unreviewed
CVE-2023-26321 was published Aug 28, 2024
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all... Moderate Unreviewed
CVE-2024-6312 was published Aug 28, 2024
ProTip! Advisories are also available from the GraphQL API