GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
83 advisories
Filter by severity
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file...
Low
Unreviewed
CVE-2024-10672
was published
Nov 12, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low
Unreviewed
CVE-2023-40439
was published
Jan 11, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload...
Low
Unreviewed
CVE-2024-20528
was published
Nov 6, 2024
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized...
Low
Unreviewed
CVE-2023-34117
was published
Jul 11, 2023
IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended...
Low
Unreviewed
CVE-2013-3993
was published
May 17, 2022
A path traversal vulnerability was reported in the Motorola Ready For application that could...
Low
Unreviewed
CVE-2023-41825
was published
May 3, 2024
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize the dir parameter...
Low
Unreviewed
CVE-2023-2117
was published
May 30, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal...
Low
Unreviewed
CVE-2023-27409
was published
May 9, 2023
The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url...
Low
Unreviewed
CVE-2023-4216
was published
Sep 4, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a...
Low
Unreviewed
CVE-2023-25186
was published
Jun 16, 2023
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3,...
Low
Unreviewed
CVE-2022-42474
was published
Jun 13, 2023
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1...
Low
Unreviewed
CVE-2023-29128
was published
May 9, 2023
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its...
Low
Unreviewed
CVE-2024-22226
was published
Feb 12, 2024
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Low
Unreviewed
CVE-2024-24940
was published
Feb 6, 2024
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5...
Low
Unreviewed
CVE-2024-1433
was published
Feb 12, 2024
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary...
Low
Unreviewed
CVE-2023-50785
was published
Jan 25, 2024
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does...
Low
Unreviewed
CVE-2023-2252
was published
Jan 16, 2024
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in...
Low
Unreviewed
CVE-2024-20805
was published
Jan 4, 2024
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue...
Low
Unreviewed
CVE-2024-0341
was published
Jan 9, 2024
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory...
Low
Unreviewed
CVE-2022-2945
was published
Sep 7, 2022
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An...
Low
Unreviewed
CVE-2022-37703
was published
Sep 14, 2022
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient...
Low
Unreviewed
CVE-2023-49058
was published
Dec 12, 2023
A vulnerability was found in ระบบบัญชีออนไลน์ Online Accounting System up to 1.4.0 and classified...
Low
Unreviewed
CVE-2018-25094
was published
Dec 3, 2023
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to...
Low
Unreviewed
CVE-2023-6160
was published
Nov 22, 2023
It was discovered that Kibana was not validating a user supplied path, which would load .pbf...
Low
Unreviewed
CVE-2021-22151
was published
Nov 22, 2023
ProTip!
Advisories are also available from the
GraphQL API