Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,051 advisories

Loading
Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote... High Unreviewed
CVE-2024-33369 was published Sep 27, 2024
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is... High Unreviewed
CVE-2024-7149 was published Sep 27, 2024
Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-47292 was published Sep 27, 2024
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability. High Unreviewed
CVE-2023-39584 was published Sep 8, 2023
Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3... High Unreviewed
CVE-2024-44825 was published Sep 25, 2024
An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access... Moderate Unreviewed
CVE-2024-46327 was published Sep 26, 2024
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8538 was published Sep 7, 2024
A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in... High Unreviewed
CVE-2024-2914 was published Jun 6, 2024
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion... High Unreviewed
CVE-2024-8704 was published Sep 26, 2024
Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal... High Unreviewed
CVE-2023-5097 was published Jan 16, 2024
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed
CVE-2023-44171 was published Sep 27, 2023
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run... High Unreviewed
CVE-2023-26691 was published Sep 25, 2024
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain... High Unreviewed
CVE-2023-26687 was published Sep 25, 2024
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat... High Unreviewed
CVE-2024-8941 was published Sep 25, 2024
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed
CVE-2023-44169 was published Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed
CVE-2023-43216 was published Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed
CVE-2023-44172 was published Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component... Critical Unreviewed
CVE-2023-44170 was published Sep 27, 2023
A path handling issue was addressed with improved validation. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44190 was published Sep 17, 2024
The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-8671 was published Sep 24, 2024
Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in... High Unreviewed
CVE-2022-35908 was published Sep 29, 2023
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file. Moderate Unreviewed
CVE-2024-46644 was published Sep 20, 2024
eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file. Moderate Unreviewed
CVE-2024-46646 was published Sep 20, 2024
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder. High Unreviewed
CVE-2024-46648 was published Sep 20, 2024
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files. Moderate Unreviewed
CVE-2024-46647 was published Sep 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database