GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
Filter by severity
Some Huawei home music system products have a path traversal vulnerability. Successful...
High
Unreviewed
CVE-2023-7263
was published
Dec 28, 2024
Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2023-7300
was published
Dec 26, 2024
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue...
High
Unreviewed
CVE-2024-56049
was published
Dec 18, 2024
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue...
High
Unreviewed
CVE-2024-56055
was published
Dec 18, 2024
Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL...
Moderate
Unreviewed
CVE-2024-54313
was published
Dec 13, 2024
ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of...
Critical
Unreviewed
CVE-2024-21575
was published
Dec 12, 2024
Path Traversal vulnerability in NotFound ARForms allows Path Traversal.This issue affects ARForms...
High
Unreviewed
CVE-2024-54216
was published
Dec 6, 2024
Path Traversal: '.../...//' vulnerability in Softpulse Infotech SP Blog Designer allows PHP Local...
High
Unreviewed
CVE-2024-52498
was published
Nov 28, 2024
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to Directory...
Moderate
Unreviewed
CVE-2024-10857
was published
Nov 26, 2024
The back-end does not sufficiently verify the user-controlled filename parameter which makes it...
High
Unreviewed
CVE-2024-50054
was published
Nov 23, 2024
Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows...
High
Unreviewed
CVE-2024-52447
was published
Nov 20, 2024
: Path Traversal: '.../...//' vulnerability in CYAN Backup allows Path Traversal.This issue...
Moderate
Unreviewed
CVE-2024-52390
was published
Nov 19, 2024
A vulnerability in the API subsystem and in the web-management interface of Cisco Network...
Moderate
Unreviewed
CVE-2021-1132
was published
Nov 18, 2024
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could...
High
Unreviewed
CVE-2020-26073
was published
Nov 18, 2024
A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead...
High
Unreviewed
CVE-2024-41973
was published
Nov 18, 2024
A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead...
Moderate
Unreviewed
CVE-2024-41972
was published
Nov 18, 2024
The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability....
High
Unreviewed
CVE-2024-11136
was published
Nov 14, 2024
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File...
High
Unreviewed
CVE-2024-51582
was published
Nov 4, 2024
Path Traversal: '.../...//' vulnerability in Limb WordPress Gallery Plugin – Limb Image Gallery...
Moderate
Unreviewed
CVE-2024-49258
was published
Oct 16, 2024
Multi-DNC – CWE-35: Path Traversal: '.../...//'
High
Unreviewed
CVE-2024-45248
was published
Oct 6, 2024
Marinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API ledlimit.cgi...
Moderate
Unreviewed
CVE-2024-0067
was published
Sep 10, 2024
An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, ...
Moderate
Unreviewed
CVE-2024-7608
was published
Aug 27, 2024
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support,...
High
Unreviewed
CVE-2024-0113
was published
Aug 12, 2024
**UNSUPPORTED WHEN ASSIGNED** Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1...
Critical
Unreviewed
CVE-2024-40505
was published
Jul 16, 2024
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks,...
High
Unreviewed
CVE-2024-39171
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API