Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

686 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-49286 was published Oct 20, 2024
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow... Critical Unreviewed
CVE-2024-41717 was published Oct 23, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses Critical
CVE-2024-47883 was published for org.openrefine.dependencies:butterfly (Maven) Oct 24, 2024
An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows... Critical Unreviewed
CVE-2024-37847 was published Oct 25, 2024
A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The... Critical Unreviewed
CVE-2024-5982 was published Oct 29, 2024
Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path... Critical Unreviewed
CVE-2024-39332 was published Oct 31, 2024
jj vulnerable to path traversal via crafted Git repositories Critical
CVE-2024-51990 was published for jj-lib (Rust) Nov 7, 2024
joernchen yuja
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-10625 was published Nov 9, 2024
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is... Critical Unreviewed
CVE-2024-10470 was published Nov 9, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Critical Unreviewed
CVE-2024-46888 was published Nov 12, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due... Critical Unreviewed
CVE-2024-11150 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database