GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,657 advisories
Filter by severity
A directory traversal vulnerability exists in the archive download functionality of Veertu Anka...
High
Unreviewed
CVE-2024-41163
was published
Oct 3, 2024
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka...
High
Unreviewed
CVE-2024-41922
was published
Oct 3, 2024
The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is...
High
Unreviewed
CVE-2024-8352
was published
Oct 3, 2024
OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)
High
CVE-2024-46977
was published
for
openc3
(RubyGems)
Oct 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-44030
was published
Oct 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-44017
was published
Oct 2, 2024
In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration...
High
Unreviewed
CVE-2024-25659
was published
Oct 1, 2024
An issue in the _readFileSync function of Simple-Spellchecker v1.0.2 allows attackers to read...
High
Unreviewed
CVE-2024-46503
was published
Sep 30, 2024
Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote...
High
Unreviewed
CVE-2024-33369
was published
Sep 27, 2024
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is...
High
Unreviewed
CVE-2024-7149
was published
Sep 27, 2024
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion...
High
Unreviewed
CVE-2024-8704
was published
Sep 26, 2024
Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3...
High
Unreviewed
CVE-2024-44825
was published
Sep 25, 2024
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat...
High
Unreviewed
CVE-2024-8941
was published
Sep 25, 2024
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain...
High
Unreviewed
CVE-2023-26687
was published
Sep 25, 2024
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run...
High
Unreviewed
CVE-2023-26691
was published
Sep 25, 2024
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder.
High
Unreviewed
CVE-2024-46648
was published
Sep 20, 2024
eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder.
High
Unreviewed
CVE-2024-46649
was published
Sep 20, 2024
eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files.
High
Unreviewed
CVE-2024-46645
was published
Sep 20, 2024
Mesop has a local file Inclusion via static file serving functionality
High
CVE-2024-45601
was published
for
mesop
(pip)
Sep 18, 2024
Camaleon CMS vulnerable to remote code execution through code injection (GHSL-2024-185)
High
GHSA-7x4w-cj9r-h4v9
was published
for
camaleon_cms
(RubyGems)
Sep 18, 2024
Camaleon CMS vulnerable to arbitrary path traversal (GHSL-2024-183)
High
CVE-2024-46987
was published
for
camaleon_cms
(RubyGems)
Sep 18, 2024
Camaleon CMS affected by arbitrary file write to RCE (GHSL-2024-182)
High
CVE-2024-46986
was published
for
camaleon_cms
(RubyGems)
Sep 18, 2024
An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of...
High
Unreviewed
CVE-2024-42501
was published
Sep 17, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13...
High
Unreviewed
CVE-2024-44167
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS...
High
Unreviewed
CVE-2024-27869
was published
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API