GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,265 advisories
Filter by severity
NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the...
Moderate
Unreviewed
CVE-2024-7634
was published
Aug 22, 2024
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2024-7602
was published
Aug 21, 2024
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3...
Moderate
Unreviewed
CVE-2024-7928
was published
Aug 20, 2024
A vulnerability classified as critical has been found in ZZCMS 2023. Affected is an unknown...
Moderate
Unreviewed
CVE-2024-7926
was published
Aug 19, 2024
A vulnerability classified as critical was found in ZZCMS 2023. Affected by this vulnerability is...
Moderate
Unreviewed
CVE-2024-7927
was published
Aug 19, 2024
A vulnerability was found in ZZCMS 2023. It has been declared as critical. This vulnerability...
Moderate
Unreviewed
CVE-2024-7924
was published
Aug 19, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-43281
was published
Aug 19, 2024
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and...
Moderate
Unreviewed
CVE-2023-5505
was published
Aug 17, 2024
An arbitrary file deletion vulnerability exists in the admin/del.php file at line 62 in ZZCMS...
Moderate
Unreviewed
CVE-2024-43011
was published
Aug 16, 2024
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to...
Moderate
Unreviewed
CVE-2024-42680
was published
Aug 15, 2024
A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. This issue...
Moderate
Unreviewed
CVE-2024-7741
was published
Aug 13, 2024
A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf...
Moderate
Unreviewed
CVE-2024-7738
was published
Aug 13, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-43165
was published
Aug 13, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-43129
was published
Aug 13, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-43138
was published
Aug 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate...
Moderate
Unreviewed
CVE-2024-41938
was published
Aug 13, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2023-7249
was published
Aug 12, 2024
When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided...
Moderate
Unreviewed
CVE-2024-6759
was published
Aug 12, 2024
The InfoScan client download page can be intercepted with a proxy, to
expose filenames located...
Moderate
Unreviewed
CVE-2024-42408
was published
Aug 8, 2024
Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The...
Moderate
Unreviewed
CVE-2024-7061
was published
Aug 7, 2024
Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The...
Moderate
Unreviewed
CVE-2024-37403
was published
Aug 7, 2024
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2024-7564
was published
Aug 6, 2024
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic....
Moderate
Unreviewed
CVE-2024-7551
was published
Aug 6, 2024
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue...
Moderate
Unreviewed
CVE-2024-7458
was published
Aug 5, 2024
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the...
Moderate
Unreviewed
CVE-2024-7323
was published
Aug 2, 2024
ProTip!
Advisories are also available from the
GraphQL API