Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,206 advisories

Loading
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability ... Moderate Unreviewed
CVE-2024-32117 was published Nov 12, 2024
matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal Moderate
CVE-2024-50336 was published for matrix-js-sdk (npm) Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50329 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50324 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50322 was published Nov 12, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... Moderate Unreviewed
CVE-2024-50559 was published Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Critical Unreviewed
CVE-2024-46888 was published Nov 12, 2024
A vulnerability, which was classified as problematic, was found in ???????????? Lingdang CRM up... Moderate Unreviewed
CVE-2024-11123 was published Nov 12, 2024
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0.... High Unreviewed
CVE-2024-46954 was published Nov 11, 2024
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is... Critical Unreviewed
CVE-2024-10470 was published Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-10626 was published Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-10625 was published Nov 9, 2024
changedetection.io path traversal using file URI scheme without supplying hostname High
CVE-2024-51998 was published for changedetection.io (pip) Nov 7, 2024
Erb3
jj vulnerable to path traversal via crafted Git repositories Critical
CVE-2024-51990 was published for jj-lib (Rust) Nov 7, 2024
joernchen yuja
Moodle has CSRF risk in Feedback non-respondents report High
CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024
Moodle LFI vulnerability when restoring malformed block backups Moderate
CVE-2024-43440 was published for moodle/moodle (Composer) Nov 7, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and... Moderate Unreviewed
CVE-2024-20529 was published Nov 6, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload... Low Unreviewed
CVE-2024-20528 was published Nov 6, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and... Moderate Unreviewed
CVE-2024-20532 was published Nov 6, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and... Moderate Unreviewed
CVE-2024-20527 was published Nov 6, 2024
Gradio vulnerable to arbitrary file read with File and UploadButton components Moderate
CVE-2024-51751 was published for gradio (pip) Nov 6, 2024
ifratric
An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful... Moderate Unreviewed
CVE-2024-47464 was published Nov 6, 2024
cap-std doesn't fully sandbox all the Windows device filenames Low
CVE-2024-51756 was published for cap-async-std (Rust) Nov 5, 2024
nathaniel-daniel
In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an... High Unreviewed
CVE-2024-47253 was published Nov 5, 2024
Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`) High
GHSA-82j3-hf72-7x93 was published for com.reposilite:reposilite-backend (Maven) Nov 4, 2024
artsploit
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database