GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,735 advisories

Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions...
Moderate | Unreviewed | CVE-2024-9100 was published Oct 3, 2024

The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up...
Moderate | Unreviewed | CVE-2024-9224 was published Oct 1, 2024

Path traversal vulnerability in the Bluetooth module
Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2024-47292 was published Sep 27, 2024

An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access...
Moderate | Unreviewed | CVE-2024-46327 was published Sep 26, 2024

Cross site scripting in Concrete CMS
Moderate | CVE-2024-8291 was published for concrete5/concrete5 (Composer) Sep 25, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-43996 was published Sep 23, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-44048 was published Sep 23, 2024

The vulnerability allows an attacker to craft MQTT messages that include relative path traversal...
Moderate | Unreviewed | CVE-2024-6786 was published Sep 21, 2024

eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file.
Moderate | Unreviewed | CVE-2024-46646 was published Sep 20, 2024

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file.
Moderate | Unreviewed | CVE-2024-46644 was published Sep 20, 2024

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files.
Moderate | Unreviewed | CVE-2024-46647 was published Sep 20, 2024

A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum...
Moderate | Unreviewed | CVE-2024-9032 was published Sep 20, 2024

czim/file-handling vulnerable to SSRF and directory traversal
Moderate | CVE-2024-47049 was published for czim/file-handling (Composer) Sep 17, 2024

Contao affected by directory traversal in the file selector widget
Moderate | CVE-2024-45604 was published for contao/core-bundle (Composer) Sep 17, 2024

A path handling issue was addressed with improved validation. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2024-44190 was published Sep 17, 2024

OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality,...
Moderate | Unreviewed | CVE-2024-8778 was published Sep 16, 2024

A vulnerability, which was classified as problematic, has been found in xiaohe4966 TpMeCMS up to...
Moderate | Unreviewed | CVE-2024-8876 was published Sep 16, 2024

A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this...
Moderate | Unreviewed | CVE-2024-8875 was published Sep 16, 2024

Composio Path Traversal vulnerability
Moderate | CVE-2024-8865 was published for composio-core (pip) Sep 16, 2024

A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue...
Moderate | Unreviewed | CVE-2024-8782 was published Sep 13, 2024

A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 3.0.6. It has been...
Moderate | Unreviewed | CVE-2024-8707 was published Sep 12, 2024

A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic....
Moderate | Unreviewed | CVE-2024-8706 was published Sep 12, 2024

A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This...
Moderate | Unreviewed | CVE-2024-8694 was published Sep 11, 2024

An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet...
Moderate | Unreviewed | CVE-2024-21753 was published Sep 10, 2024

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi...
Moderate | Unreviewed | CVE-2024-0067 was published Sep 10, 2024

ProTip! Advisories are also available from the GraphQL API.