GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
87 advisories
The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers...
Low | Unreviewed | CVE-2024-46939 was published Nov 28, 2024

A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Low | Unreviewed | CVE-2024-37046 was published Nov 22, 2024

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file...
Low | Unreviewed | CVE-2024-10672 was published Nov 12, 2024

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload...
Low | Unreviewed | CVE-2024-20528 was published Nov 6, 2024

A path traversal vulnerability was reported in the Motorola Ready For application that could...
Low | Unreviewed | CVE-2023-41825 was published May 3, 2024

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic....
Low | Unreviewed | CVE-2024-1703 was published Feb 21, 2024

IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the...
Low | Unreviewed | CVE-2023-50955 was published Feb 21, 2024

Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its...
Low | Unreviewed | CVE-2024-22226 was published Feb 12, 2024

A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5...
Low | Unreviewed | CVE-2024-1433 was published Feb 12, 2024

In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Low | Unreviewed | CVE-2024-24940 was published Feb 6, 2024

Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary...
Low | Unreviewed | CVE-2023-50785 was published Jan 25, 2024

The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does...
Low | Unreviewed | CVE-2023-2252 was published Jan 16, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-40439 was published Jan 11, 2024

A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue...
Low | Unreviewed | CVE-2024-0341 was published Jan 9, 2024

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in...
Low | Unreviewed | CVE-2024-20805 was published Jan 4, 2024

SAP Master Data Governance File Upload application allows an attacker to exploit insufficient...
Low | Unreviewed | CVE-2023-49058 was published Dec 12, 2023

A vulnerability was found in ระบบบัญชีออนไลน์ Online Accounting System up to 1.4.0 and classified...
Low | Unreviewed | CVE-2018-25094 was published Dec 3, 2023

The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to...
Low | Unreviewed | CVE-2023-6160 was published Nov 22, 2023

It was discovered that Kibana was not validating a user supplied path, which would load .pbf...
Low | Unreviewed | CVE-2021-22151 was published Nov 22, 2023

A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been rated as problematic....
Low | Unreviewed | CVE-2023-5327 was published Oct 2, 2023

A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as...
Low | Unreviewed | CVE-2023-5257 was published Sep 29, 2023

A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR...
Low | Unreviewed | CVE-2023-5142 was published Sep 25, 2023

The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url...
Low | Unreviewed | CVE-2023-4216 was published Sep 4, 2023

Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized...
Low | Unreviewed | CVE-2023-34117 was published Jul 11, 2023

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a...
Low | Unreviewed | CVE-2023-25186 was published Jun 16, 2023
ProTip! Advisories are also available from the GraphQL API