GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
6,014 advisories
CometVisu Backend for openHAB has a path traversal vulnerability
Severity: Moderate. CVE-2024-42468 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) on Aug 9, 2024.

CometVisu Backend for openHAB affected by RCE through path traversal
Severity: Critical. CVE-2024-42469 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) on Aug 9, 2024.

The InfoScan client download page can be intercepted with a proxy, to expose filenames located...
Severity: Moderate (Unreviewed). CVE-2024-42408 was published on Aug 8, 2024.

Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem...
Severity: High (Unreviewed). CVE-2024-6707 was published on Aug 8, 2024.

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The...
Severity: Moderate (Unreviewed). CVE-2024-7061 was published on Aug 7, 2024.

Jenkins Remoting library arbitrary file read vulnerability
Severity: Critical. CVE-2024-43044 was published for org.jenkins-ci.main:jenkins-core (Maven) on Aug 7, 2024.

Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The...
Severity: Moderate (Unreviewed). CVE-2024-37403 was published on Aug 7, 2024.

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This...
Severity: Moderate (Unreviewed). CVE-2024-7564 was published on Aug 6, 2024.

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000...
Severity: Critical (Unreviewed). CVE-2024-39226 was published on Aug 6, 2024.

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic....
Severity: Moderate (Unreviewed). CVE-2024-7551 was published on Aug 6, 2024.

The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all...
Severity: High (Unreviewed). CVE-2024-5709 was published on Aug 6, 2024.

Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read.
Severity: High (Unreviewed). CVE-2024-6781 was published on Aug 6, 2024.

Reposilite Arbitrary File Read vulnerability
Severity: High. CVE-2024-36117 was published for com.reposilite:reposilite-backend (Maven) on Aug 5, 2024.

Owncast Path Traversal vulnerability
Severity: Low. CVE-2024-31450 was published for github.com/owncast/owncast (Go) on Aug 5, 2024.

Nuxt Devtools has a Path Traversal: '../filedir'
Severity: High. CVE-2024-23657 was published for @nuxt/devtools (npm) on Aug 5, 2024.

A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue...
Severity: Moderate (Unreviewed). CVE-2024-7458 was published on Aug 5, 2024.

Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`)
Severity: High. CVE-2024-36116 was published for com.reposilite:reposilite-backend (Maven) on Aug 2, 2024.

AndServer 2.1.12 is vulnerable to Directory Traversal.
Severity: High (Unreviewed). CVE-2024-41310 was published on Aug 2, 2024.

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the...
Severity: Moderate (Unreviewed). CVE-2024-7323 was published on Aug 2, 2024.

A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected...
Severity: Moderate (Unreviewed). CVE-2024-38878 was published on Aug 2, 2024.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Severity: High (Unreviewed). CVE-2024-39624 was published on Aug 1, 2024.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Severity: Critical (Unreviewed). CVE-2024-39619 was published on Aug 1, 2024.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Severity: High (Unreviewed). CVE-2024-39621 was published on Aug 1, 2024.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Severity: Moderate (Unreviewed). CVE-2024-38768 was published on Aug 1, 2024.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Severity: High (Unreviewed). CVE-2024-38746 was published on Aug 1, 2024.
ProTip! Advisories are also available from the GraphQL API