GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
51 advisories
Filter by severity
TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The...
High
Unreviewed
CVE-2024-12642
was published
Dec 16, 2024
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in...
High
Unreviewed
CVE-2024-54154
was published
Dec 4, 2024
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-11309
was published
Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-11310
was published
Nov 18, 2024
The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote...
High
Unreviewed
CVE-2024-11067
was published
Nov 11, 2024
Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File...
High
Unreviewed
CVE-2024-50453
was published
Oct 28, 2024
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing...
High
Unreviewed
CVE-2024-10200
was published
Oct 21, 2024
Relative Path Traversal vulnerability in James Park Analyse Uploads allows Relative Path...
High
Unreviewed
CVE-2024-49253
was published
Oct 16, 2024
: Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Path...
High
Unreviewed
CVE-2024-47637
was published
Oct 16, 2024
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter,...
High
Unreviewed
CVE-2024-9983
was published
Oct 15, 2024
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user...
High
Unreviewed
CVE-2024-45731
was published
Oct 14, 2024
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing...
High
Unreviewed
CVE-2024-9922
was published
Oct 14, 2024
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated,...
High
Unreviewed
CVE-2024-20449
was published
Oct 2, 2024
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43454
was published
Sep 10, 2024
Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal...
High
Unreviewed
CVE-2024-7693
was published
Aug 12, 2024
Relative Path Traversal in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-6433
was published
Jul 10, 2024
Relative Path Traversal in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5547
was published
Jun 27, 2024
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to...
High
Unreviewed
CVE-2024-3497
was published
Jun 14, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker
to access...
High
Unreviewed
CVE-2023-3940
was published
May 21, 2024
A specially crafted Zip file containing path traversal characters can be
imported to the ...
High
Unreviewed
CVE-2024-33615
was published
May 15, 2024
Windows Hyper-V Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30010
was published
May 14, 2024
mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing...
High
Unreviewed
CVE-2024-0549
was published
Apr 16, 2024
ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API...
High
Unreviewed
CVE-2024-0335
was published
Apr 3, 2024
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied...
High
Unreviewed
CVE-2024-2053
was published
Mar 21, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 -
CWE-23: Relative Path Traversal
High
Unreviewed
CVE-2024-27770
was published
Mar 18, 2024
ProTip!
Advisories are also available from the
GraphQL API