GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
585 advisories
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16...
Critical
Unreviewed
CVE-2024-0402
was published
Jan 26, 2024
The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers...
Critical
Unreviewed
CVE-2023-6623
was published
Jan 15, 2024
The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory...
Critical
Unreviewed
CVE-2023-6699
was published
Jan 11, 2024
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine...
Critical
Unreviewed
CVE-2023-47211
was published
Jan 8, 2024
The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via...
Critical
Unreviewed
CVE-2023-5991
was published
Dec 26, 2023
Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template...
Critical
Unreviewed
CVE-2023-46886
was published
Nov 29, 2023
Path traversal in file upload functionality in `/main/webservices/additional_webservices.php` in...
Critical
Unreviewed
CVE-2023-3533
was published
Nov 28, 2023
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after...
Critical
Unreviewed
CVE-2023-47246
was published
Nov 10, 2023
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code...
Critical
Unreviewed
CVE-2023-35187
was published
Oct 19, 2023
Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In...
Critical
Unreviewed
CVE-2023-39332
was published
Oct 18, 2023
Insufficient path validation when extracting a zip archive in South River Technologies' Titan MFT...
Critical
Unreviewed
CVE-2023-45685
was published
Oct 16, 2023
A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an...
Critical
Unreviewed
CVE-2023-41373
was published
Oct 10, 2023
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Critical
Unreviewed
CVE-2023-5399
was published
Oct 4, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44170
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44169
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44172
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44171
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-43216
was published
Sep 27, 2023
In WS_FTP Server version 8.7.0 prior to 8.7.4 and version 8.8.0 prior to 8.8.2, a directory...
Critical
Unreviewed
CVE-2023-42657
was published
Sep 27, 2023
The Watchkit has a risk of unauthorized file access. Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2023-39407
was published
Sep 25, 2023
In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible...
Critical
Unreviewed
CVE-2023-4760
was published
Sep 21, 2023
IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the...
Critical
Unreviewed
CVE-2022-33164
was published
Sep 8, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical
Unreviewed
CVE-2023-4614
was published
Sep 4, 2023
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2023-4613
was published
Sep 4, 2023
IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion (LFI) vulnerability...
Critical
Unreviewed
CVE-2023-39699
was published
Aug 25, 2023
ProTip! Advisories are also available from the GraphQL API.