GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
45 advisories
Filter by severity
The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application...
High
Unreviewed
CVE-2024-12646
was published
Dec 16, 2024
The tbm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application...
High
Unreviewed
CVE-2024-12643
was published
Dec 16, 2024
The tbm-client from Chunghwa Telecom has an Arbitrary File vulnerability. The application sets up...
High
Unreviewed
CVE-2024-12644
was published
Dec 16, 2024
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the...
Low
Unreviewed
CVE-2023-50955
was published
Feb 21, 2024
Ansible symlink attack vulnerability
Moderate
CVE-2023-5115
was published
for
ansible
(pip)
Dec 28, 2023
Absolute File Traversal vulnerabilities allows access and modification of un-intended resources....
Critical
Unreviewed
CVE-2024-51549
was published
Dec 5, 2024
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic....
Low
Unreviewed
CVE-2024-1703
was published
Feb 21, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote...
High
Unreviewed
CVE-2024-11978
was published
Nov 29, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate
Unreviewed
CVE-2024-20379
was published
Oct 23, 2024
IDExpert from CHANGING Information Technology does not properly validate a specific parameter in...
Moderate
Unreviewed
CVE-2024-10651
was published
Nov 1, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Critical
CVE-2024-47883
was published
for
org.openrefine.dependencies:butterfly
(Maven)
Oct 24, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui version 9.3 on the Windows...
Critical
Unreviewed
CVE-2024-2362
was published
Jun 6, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically...
High
Unreviewed
CVE-2024-2548
was published
Jun 6, 2024
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled
Moderate
CVE-2024-45291
was published
for
phpoffice/phpspreadsheet
(Composer)
Oct 7, 2024
The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga...
Critical
Unreviewed
CVE-2024-9924
was published
Oct 14, 2024
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file
High
CVE-2024-45290
was published
for
phpoffice/phpspreadsheet
(Composer)
Oct 7, 2024
Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs
Moderate
CVE-2023-1176
was published
for
mlflow
(pip)
Mar 24, 2023
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read...
High
Unreviewed
CVE-2024-8497
was published
Sep 25, 2024
OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality,...
Moderate
Unreviewed
CVE-2024-8778
was published
Sep 16, 2024
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the...
Moderate
Unreviewed
CVE-2024-7323
was published
Aug 2, 2024
Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR...
High
Unreviewed
CVE-2024-33620
was published
Jun 18, 2024
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers...
High
Unreviewed
CVE-2024-28806
was published
Jul 29, 2024
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when...
High
Unreviewed
CVE-2018-20250
was published
May 13, 2022
A vulnerability in the content scanning and message filtering features of Cisco Secure Email...
Critical
Unreviewed
CVE-2024-20401
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API