GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,759
Composer 5,034
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,120
npm 4,300
NuGet 760
pip 4,078
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,151

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

120 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL... Moderate Unreviewed

CVE-2024-54313 was published Dec 13, 2024

ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of... Critical Unreviewed

CVE-2024-21575 was published Dec 12, 2024

Path Traversal vulnerability in NotFound ARForms allows Path Traversal.This issue affects ARForms... High Unreviewed

CVE-2024-54216 was published Dec 6, 2024

Path Traversal: '.../...//' vulnerability in Softpulse Infotech SP Blog Designer allows PHP Local... High Unreviewed

CVE-2024-52498 was published Nov 28, 2024

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to Directory... Moderate Unreviewed

CVE-2024-10857 was published Nov 26, 2024

The back-end does not sufficiently verify the user-controlled filename parameter which makes it... High Unreviewed

CVE-2024-50054 was published Nov 23, 2024

Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows... High Unreviewed

CVE-2024-52447 was published Nov 20, 2024

: Path Traversal: '.../...//' vulnerability in CYAN Backup allows Path Traversal.This issue... Moderate Unreviewed

CVE-2024-52390 was published Nov 19, 2024

A vulnerability in the API subsystem and in the web-management interface of Cisco Network... Moderate Unreviewed

CVE-2021-1132 was published Nov 18, 2024

A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could... High Unreviewed

CVE-2020-26073 was published Nov 18, 2024

A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead... High Unreviewed

CVE-2024-41973 was published Nov 18, 2024

A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead... Moderate Unreviewed

CVE-2024-41972 was published Nov 18, 2024

The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability.... High Unreviewed

CVE-2024-11136 was published Nov 14, 2024

Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File... High Unreviewed

CVE-2024-51582 was published Nov 4, 2024

Path Traversal: '.../...//' vulnerability in Limb WordPress Gallery Plugin – Limb Image Gallery... Moderate Unreviewed

CVE-2024-49258 was published Oct 16, 2024

Multi-DNC – CWE-35: Path Traversal: '.../...//' High Unreviewed

CVE-2024-45248 was published Oct 6, 2024

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi... Moderate Unreviewed

CVE-2024-0067 was published Sep 10, 2024

An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, ... Moderate Unreviewed

CVE-2024-7608 was published Aug 27, 2024

NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support,... High Unreviewed

CVE-2024-0113 was published Aug 12, 2024

**UNSUPPORTED WHEN ASSIGNED** Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1... Critical Unreviewed

CVE-2024-40505 was published Jul 16, 2024

Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks,... High Unreviewed

CVE-2024-39171 was published Jul 9, 2024

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could... High Unreviewed

CVE-2024-36991 was published Jul 1, 2024

htmly v2.9.6 was discovered to contain an arbitrary file deletion vulnerability via the... Moderate Unreviewed

CVE-2024-34191 was published May 14, 2024

The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to,... Moderate Unreviewed

CVE-2024-2654 was published Apr 9, 2024

SAP Asset Accounting could allow a high privileged attacker to exploit insufficient validation of... High Unreviewed

CVE-2024-27901 was published Apr 9, 2024

Previous 1…45 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

120 advisories