GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,208 advisories
Filter by severity
A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a...
High
Unreviewed
CVE-2024-41971
was published
Nov 18, 2024
The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path...
High
Unreviewed
CVE-2024-9935
was published
Nov 16, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-52378
was published
Nov 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-52371
was published
Nov 14, 2024
Boa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path...
High
Unreviewed
CVE-2024-47916
was published
Nov 14, 2024
Avigilon – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
High
Unreviewed
CVE-2024-45253
was published
Nov 14, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High
Unreviewed
CVE-2024-34787
was published
Nov 13, 2024
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions...
High
Unreviewed
CVE-2024-10816
was published
Nov 13, 2024
All versions of the package source-map-support are vulnerable to Directory Traversal in the...
High
Unreviewed
CVE-2024-21540
was published
Nov 13, 2024
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0....
High
Unreviewed
CVE-2024-46954
was published
Nov 11, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High
Unreviewed
CVE-2024-50322
was published
Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High
Unreviewed
CVE-2024-50324
was published
Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High
Unreviewed
CVE-2024-50329
was published
Nov 12, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2024-10626
was published
Nov 9, 2024
In the Linux kernel, the following vulnerability has been resolved:
firmware_loader: Block path...
High
Unreviewed
CVE-2024-47742
was published
Oct 21, 2024
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup...
High
Unreviewed
CVE-2023-21418
was published
Nov 21, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program,
has found that the VAPIX API...
High
Unreviewed
CVE-2023-21417
was published
Nov 21, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del...
High
Unreviewed
CVE-2023-21415
was published
Oct 16, 2023
In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an...
High
Unreviewed
CVE-2024-47253
was published
Nov 5, 2024
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File...
High
Unreviewed
CVE-2024-51582
was published
Nov 4, 2024
A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and...
High
Unreviewed
CVE-2024-38449
was published
Jun 17, 2024
An issue was discovered in Ollama before 0.1.46. It exposes which files exist on the server on...
High
Unreviewed
CVE-2024-39722
was published
Oct 31, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-37108
was published
Nov 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-37423
was published
Nov 1, 2024
Directory Traversal in /SASStudio/sasexec/sessions/{sessionID}/workspace/{InternalPath} in SAS...
High
Unreviewed
CVE-2024-48735
was published
Oct 30, 2024
ProTip!
Advisories are also available from the
GraphQL API