GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+

6,197 advisories

The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is...
Critical | Unreviewed | CVE-2024-10470 was published Nov 9, 2024

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file...
High | Unreviewed | CVE-2024-10626 was published Nov 9, 2024

The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file...
Critical | Unreviewed | CVE-2024-10625 was published Nov 9, 2024

An issue in EnvisionWare Computer Access & Reservation Control SelfCheck v1.0 (fixed in OneStop 3...
Moderate | Unreviewed | CVE-2024-37825 was published Jun 24, 2024

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path...
High | Unreviewed | CVE-2024-47742 was published Oct 21, 2024

changedetection.io path traversal using file URI scheme without supplying hostname
High | CVE-2024-51998 was published for changedetection.io (pip) Nov 7, 2024

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup...
High | Unreviewed | CVE-2023-21418 was published Nov 21, 2023

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del...
High | Unreviewed | CVE-2023-21415 was published Oct 16, 2023

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API...
High | Unreviewed | CVE-2023-21417 was published Nov 21, 2023

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi...
Moderate | Unreviewed | CVE-2024-0067 was published Sep 10, 2024

An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a...
Moderate | Unreviewed | CVE-2024-33870 was published Jul 3, 2024

Moodle has CSRF risk in Feedback non-respondents report
High | CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024

Jenkins Report Info Plugin Path Traversal vulnerability
Low | CVE-2024-5273 was published for org.jenkins-ci.plugins:report-info (Maven) May 24, 2024

Moodle LFI vulnerability when restoring malformed block backups
Moderate | CVE-2024-43440 was published for moodle/moodle (Composer) Nov 7, 2024

jj vulnerable to path traversal via crafted Git repositories
Critical | CVE-2024-51990 was published for jj-lib (Rust) Nov 7, 2024

In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an...
High | Unreviewed | CVE-2024-47253 was published Nov 5, 2024

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the...
Moderate | Unreviewed | CVE-2024-9676 was published Oct 15, 2024

Gradio vulnerable to arbitrary file read with File and UploadButton components
Moderate | CVE-2024-51751 was published for gradio (pip) Nov 6, 2024

Buildah allows arbitrary directory mount
Moderate | CVE-2024-9675 was published for github.com/containers/buildah (Go) Oct 9, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-40439 was published Jan 11, 2024

Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File...
High | Unreviewed | CVE-2024-51582 was published Nov 4, 2024

A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and...
High | Unreviewed | CVE-2024-38449 was published Jun 17, 2024

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and...
Moderate | Unreviewed | CVE-2024-20529 was published Nov 6, 2024

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and...
Moderate | Unreviewed | CVE-2024-20532 was published Nov 6, 2024

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and...
Moderate | Unreviewed | CVE-2024-20527 was published Nov 6, 2024

ProTip! Advisories are also available from the GraphQL API