Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,230 advisories

Loading
The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path... High Unreviewed
CVE-2024-9935 was published Nov 16, 2024
Unpatched Remote Code Execution in Gogs High
CVE-2024-44625 was published for gogs.io/gogs (Go) Nov 15, 2024
A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This... Moderate Unreviewed
CVE-2024-11239 was published Nov 15, 2024
A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This... Moderate Unreviewed
CVE-2024-11238 was published Nov 15, 2024
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in... Moderate Unreviewed
CVE-2024-42499 was published Nov 15, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-52371 was published Nov 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-52378 was published Nov 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-52396 was published Nov 14, 2024
A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the... Moderate Unreviewed
CVE-2024-11210 was published Nov 14, 2024
Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability... Moderate Unreviewed
CVE-2024-11215 was published Nov 14, 2024
A Directory listing issue was found in PHPGurukul User Registration & Login and User Management... Moderate Unreviewed
CVE-2024-50843 was published Nov 14, 2024
Boa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path... High Unreviewed
CVE-2024-47916 was published Nov 14, 2024
Avigilon – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') High Unreviewed
CVE-2024-45253 was published Nov 14, 2024
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... Moderate Unreviewed
CVE-2024-2552 was published Nov 14, 2024
Path traversal for some Intel(R) Extension for Transformers software before version 1.5 may allow... Moderate Unreviewed
CVE-2024-21799 was published Nov 13, 2024
DotNetZip Directory Traversal vulnerability High
CVE-2024-48510 was published for DotNetZip (NuGet) Nov 13, 2024
Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI High
CVE-2024-52293 was published for craftcms/cms (Composer) Nov 13, 2024
nullchilly
Craft CMS Arbitrary System File Read High
CVE-2024-52292 was published for craftcms/cms (Composer) Nov 13, 2024
pk2codes
Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution High
CVE-2024-52291 was published for craftcms/cms (Composer) Nov 13, 2024
senzee1984
All versions of the package source-map-support are vulnerable to Directory Traversal in the... High Unreviewed
CVE-2024-21540 was published Nov 13, 2024
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions... High Unreviewed
CVE-2024-10816 was published Nov 13, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due... Critical Unreviewed
CVE-2024-11150 was published Nov 13, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-34787 was published Nov 13, 2024
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability ... Moderate Unreviewed
CVE-2024-32117 was published Nov 12, 2024
matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal Moderate
CVE-2024-50336 was published for matrix-js-sdk (npm) Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database