Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,839 advisories

Loading
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2024-7564 was published Aug 6, 2024
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-7551 was published Aug 6, 2024
The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all... High Unreviewed
CVE-2024-5709 was published Aug 6, 2024
Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. High Unreviewed
CVE-2024-6781 was published Aug 6, 2024
Reposilite Arbitrary File Read vulnerability High
CVE-2024-36117 was published for com.reposilite:reposilite-backend (Maven) Aug 5, 2024
Owncast Path Traversal vulnerability Low
CVE-2024-31450 was published for github.com/owncast/owncast (Go) Aug 5, 2024
Nuxt Devtools has a Path Traversal: '../filedir' High
CVE-2024-23657 was published for @nuxt/devtools (npm) Aug 5, 2024
OhB00 antfu
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue... Moderate Unreviewed
CVE-2024-7458 was published Aug 5, 2024
Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`) High
CVE-2024-36116 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024
artsploit
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected... Moderate Unreviewed
CVE-2024-38878 was published Aug 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-39619 was published Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-39624 was published Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-39621 was published Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-38768 was published Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-38772 was published Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-38746 was published Aug 1, 2024
Weave server API vulnerable to arbitrary file leak High
CVE-2024-7340 was published for weave (pip) Jul 31, 2024
Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A... Moderate Unreviewed
CVE-2024-37129 was published Jul 31, 2024
Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory High Unreviewed
CVE-2024-41695 was published Jul 30, 2024
Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-7248 was published Jul 30, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users High
CVE-2024-41799 was published for Tgstation.Server.Api (NuGet) Jul 29, 2024
SandPoot Cyberboss
Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this... High Unreviewed
CVE-2024-41726 was published Jul 29, 2024
Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0... High Unreviewed
CVE-2024-41628 was published Jul 26, 2024
SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files. Moderate Unreviewed
CVE-2024-42007 was published Jul 26, 2024
ICEcoder Path Traversal vulnerability Moderate
CVE-2024-41373 was published for icecoder/icecoder (Composer) Jul 26, 2024
ProTip! Advisories are also available from the GraphQL API