GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
685 advisories
Filter by severity
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due...
Critical
Unreviewed
CVE-2024-11150
was published
Nov 13, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical
Unreviewed
CVE-2024-46888
was published
Nov 12, 2024
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is...
Critical
Unreviewed
CVE-2024-10470
was published
Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-10625
was published
Nov 9, 2024
jj vulnerable to path traversal via crafted Git repositories
Critical
CVE-2024-51990
was published
for
jj-lib
(Rust)
Nov 7, 2024
Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path...
Critical
Unreviewed
CVE-2024-39332
was published
Oct 31, 2024
A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The...
Critical
Unreviewed
CVE-2024-5982
was published
Oct 29, 2024
An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows...
Critical
Unreviewed
CVE-2024-37847
was published
Oct 25, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Critical
CVE-2024-47883
was published
for
org.openrefine.dependencies:butterfly
(Maven)
Oct 24, 2024
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow...
Critical
Unreviewed
CVE-2024-41717
was published
Oct 23, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-49286
was published
Oct 20, 2024
The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File...
Critical
Unreviewed
CVE-2019-25213
was published
Oct 16, 2024
Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy
Critical
CVE-2024-48914
was published
for
@vendure/asset-server-plugin
(npm)
Oct 15, 2024
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up...
Critical
Unreviewed
CVE-2024-9047
was published
Oct 12, 2024
Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs...
Critical
Unreviewed
CVE-2024-46446
was published
Oct 7, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-44014
was published
Oct 5, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
Critical
CVE-2024-47169
was published
for
agnai
(npm)
Sep 26, 2024
The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-8671
was published
Sep 24, 2024
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10...
Critical
Unreviewed
CVE-2024-33109
was published
Sep 19, 2024
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to...
Critical
Unreviewed
CVE-2024-8963
was published
Sep 19, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46375
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46376
was published
Sep 18, 2024
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that...
Critical
Unreviewed
CVE-2024-8752
was published
Sep 16, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-7609
was published
Sep 11, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-6445
was published
Sep 6, 2024
ProTip!
Advisories are also available from the
GraphQL API