GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26 advisories
An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in...
High | Unreviewed | CVE-2024-6250 was published Jun 27, 2024

A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0...
High | Unreviewed | CVE-2024-4881 was published Jun 6, 2024

A path traversal vulnerability exists in the parisneo/lollms-webui version 9.3 on the Windows...
Critical | Unreviewed | CVE-2024-2362 was published Jun 6, 2024

A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically...
High | Unreviewed | CVE-2024-2548 was published Jun 6, 2024

An improper absolute path traversal vulnerability was reported for the Ready For application...
Moderate | Unreviewed | CVE-2023-41830 was published May 3, 2024

Microsoft Defender for IoT Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-29053 was published Apr 9, 2024

Microsoft Defender for IoT Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-21323 was published Apr 9, 2024

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic....
Low | Unreviewed | CVE-2024-1703 was published Feb 21, 2024

IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the...
Low | Unreviewed | CVE-2023-50955 was published Feb 21, 2024

An attacker could potentially exploit this vulnerability, leading to files being read from the...
Moderate | Unreviewed | CVE-2023-5390 was published Jan 31, 2024

Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue...
Moderate | Unreviewed | CVE-2023-30970 was published Jan 29, 2024

A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by...
Moderate | Unreviewed | CVE-2023-5022 was published Sep 17, 2023

A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood...
Moderate | Unreviewed | CVE-2023-4172 was published Aug 6, 2023

MLflow Path Traversal vulnerability
Critical | CVE-2023-3765 was published for mlflow (pip) Jul 19, 2023

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability...
High | Unreviewed | CVE-2023-33871 was published Jul 18, 2023

Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated...
Moderate | Unreviewed | CVE-2023-34135 was published Jul 13, 2023

A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This...
Moderate | Unreviewed | CVE-2023-2765 was published May 17, 2023

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up...
Moderate | Unreviewed | CVE-2023-2101 was published Apr 15, 2023

Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs
Low | CVE-2023-1176 was published for mlflow (pip) Mar 24, 2023

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application...
High | Unreviewed | CVE-2022-20958 was published Nov 4, 2022

Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote...
Moderate | Unreviewed | CVE-2021-32506 was published May 24, 2022

Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote...
Moderate | Unreviewed | CVE-2021-32507 was published May 24, 2022

Local File Inclusion vulnerability of the omni-directional communication system allows remote...
Moderate | Unreviewed | CVE-2021-30173 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
High | Unreviewed | CVE-2021-1297 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
High | Unreviewed | CVE-2021-1296 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.