Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does... Low Unreviewed
CVE-2023-2252 was published Jan 16, 2024
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary... Low Unreviewed
CVE-2023-50785 was published Jan 25, 2024
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives Low Unreviewed
CVE-2024-24940 was published Feb 6, 2024
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5... Low Unreviewed
CVE-2024-1433 was published Feb 12, 2024
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its... Low Unreviewed
CVE-2024-22226 was published Feb 12, 2024
phpMyFAQ Path Traversal in Attachments Low
CVE-2024-29196 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
JADX file override vulnerability Low
GHSA-hvp5-5x4f-33fq was published for io.github.skylot:jadx-core (Maven) Apr 22, 2024
Cl0udG0d
A path traversal vulnerability was reported in the Motorola Ready For application that could... Low Unreviewed
CVE-2023-41825 was published May 3, 2024
Symlink bypasses filesystem sandbox Low
CVE-2024-38358 was published for wasmer (Rust) Jun 7, 2024
yagehu
Owncast Path Traversal vulnerability Low
CVE-2024-31450 was published for github.com/owncast/owncast (Go) Aug 5, 2024
ProTip! Advisories are also available from the GraphQL API