Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

5,992 advisories

Loading
When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided... Moderate Unreviewed
CVE-2024-6759 was published Aug 12, 2024
A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi... High Unreviewed
CVE-2024-41936 was published Aug 12, 2024
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support,... High Unreviewed
CVE-2024-0113 was published Aug 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability via... Critical Unreviewed
CVE-2024-21876 was published Aug 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability... Critical Unreviewed
CVE-2024-21877 was published Aug 12, 2024
CometVisu Backend for openHAB has a path traversal vulnerability Moderate
CVE-2024-42468 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024
p- peuter
CometVisu Backend for openHAB affected by RCE through path traversal Critical
CVE-2024-42469 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024
p-
The InfoScan client download page can be intercepted with a proxy, to expose filenames located... Moderate Unreviewed
CVE-2024-42408 was published Aug 8, 2024
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem... High Unreviewed
CVE-2024-6707 was published Aug 8, 2024
Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The... Moderate Unreviewed
CVE-2024-7061 was published Aug 7, 2024
Jenkins Remoting library arbitrary file read vulnerability Critical
CVE-2024-43044 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The... Moderate Unreviewed
CVE-2024-37403 was published Aug 7, 2024
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2024-7564 was published Aug 6, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39226 was published Aug 6, 2024
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-7551 was published Aug 6, 2024
The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all... High Unreviewed
CVE-2024-5709 was published Aug 6, 2024
Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. High Unreviewed
CVE-2024-6781 was published Aug 6, 2024
Reposilite Arbitrary File Read vulnerability High
CVE-2024-36117 was published for com.reposilite:reposilite-backend (Maven) Aug 5, 2024
Owncast Path Traversal vulnerability Low
CVE-2024-31450 was published for github.com/owncast/owncast (Go) Aug 5, 2024
Nuxt Devtools has a Path Traversal: '../filedir' High
CVE-2024-23657 was published for @nuxt/devtools (npm) Aug 5, 2024
OhB00 antfu
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue... Moderate Unreviewed
CVE-2024-7458 was published Aug 5, 2024
Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`) High
CVE-2024-36116 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024
artsploit
AndServer 2.1.12 is vulnerable to Directory Traversal. High Unreviewed
CVE-2024-41310 was published Aug 2, 2024
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the... Moderate Unreviewed
CVE-2024-7323 was published Aug 2, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected... Moderate Unreviewed
CVE-2024-38878 was published Aug 2, 2024
ProTip! Advisories are also available from the GraphQL API