GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,317 advisories
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool...
Moderate | Unreviewed | CVE-2024-1303 was published Mar 12, 2024
Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier,...
Moderate | Unreviewed | CVE-2024-27279 was published Mar 12, 2024
A path traversal vulnerability has been reported to affect Photo Station. If exploited, the...
Moderate | Unreviewed | CVE-2023-47221 was published Mar 8, 2024
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma...
Moderate | Unreviewed | CVE-2024-23216 was published Mar 8, 2024
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an...
Moderate | Unreviewed | CVE-2024-20345 was published Mar 6, 2024
Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain...
Moderate | Unreviewed | CVE-2024-27765 was published Mar 6, 2024
There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful...
Moderate | Unreviewed | CVE-2024-25614 was published Mar 5, 2024
IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote...
Moderate | Unreviewed | CVE-2023-38366 was published Mar 1, 2024
Session version 1.17.5 allows obtaining internal application files and public files from the...
Moderate | Unreviewed | CVE-2024-2045 was published Mar 1, 2024
Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade...
Moderate | Unreviewed | CVE-2024-23946 was published Feb 29, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2023-24416 was published Feb 23, 2024
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been declared as critical. This...
Moderate | Unreviewed | CVE-2024-1704 was published Feb 21, 2024
A directory traversal vulnerability exists in the F5OS QKView utility that allows an...
Moderate | Unreviewed | CVE-2024-23607 was published Feb 14, 2024
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an...
Moderate | Unreviewed | CVE-2024-1082 was published Feb 13, 2024
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It...
Moderate | Unreviewed | CVE-2023-40264 was published Feb 9, 2024
Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the...
Moderate | Unreviewed | CVE-2024-0849 was published Feb 7, 2024
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
Moderate | Unreviewed | CVE-2024-24942 was published Feb 6, 2024
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL...
Moderate | Unreviewed | CVE-2024-24938 was published Feb 6, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up...
Moderate | Unreviewed | CVE-2024-0380 was published Feb 6, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Moderate | Unreviewed | CVE-2023-45027 was published Feb 2, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Moderate | Unreviewed | CVE-2023-45026 was published Feb 2, 2024
The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-0844 was published Feb 2, 2024
Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows...
Moderate | Unreviewed | CVE-2021-22281 was published Feb 2, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path...
Moderate | Unreviewed | CVE-2024-22096 was published Feb 2, 2024
An attacker could potentially exploit this vulnerability, leading to files being read from the...
Moderate | Unreviewed | CVE-2023-5390 was published Jan 31, 2024
ProTip! Advisories are also available from the GraphQL API.