Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,604 advisories

Loading
A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-8782 was published Sep 13, 2024
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 3.0.6. It has been... Moderate Unreviewed
CVE-2024-8707 was published Sep 12, 2024
A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-8706 was published Sep 12, 2024
A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This... Moderate Unreviewed
CVE-2024-8694 was published Sep 11, 2024
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed
CVE-2024-21753 was published Sep 10, 2024
Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file... Moderate Unreviewed
CVE-2024-8585 was published Sep 9, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions... Moderate Unreviewed
CVE-2024-21904 was published Sep 6, 2024
IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the... Moderate Unreviewed
CVE-2024-45074 was published Sep 4, 2024
A vulnerability classified as problematic was found in ABCD ABCD2 up to 2.2.0-beta-1. This... Moderate Unreviewed
CVE-2024-8410 was published Sep 4, 2024
A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. This... Moderate Unreviewed
CVE-2024-8409 was published Sep 4, 2024
Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access... Moderate Unreviewed
CVE-2024-34653 was published Sep 4, 2024
Directory traversal vulnerability in the cust module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-45443 was published Sep 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-43957 was published Aug 29, 2024
A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2024-8304 was published Aug 29, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a... Moderate Unreviewed
CVE-2024-7744 was published Aug 28, 2024
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all... Moderate Unreviewed
CVE-2024-6312 was published Aug 28, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-4556 was published Aug 28, 2024
A path traversal vulnerability exists in the Xiaomi File Manager application product... Moderate Unreviewed
CVE-2023-26321 was published Aug 28, 2024
A vulnerability classified as critical was found in Chengdu Everbrite Network Technology... Moderate Unreviewed
CVE-2024-8163 was published Aug 26, 2024
A vulnerability, which was classified as problematic, was found in Chengdu Everbrite Network... Moderate Unreviewed
CVE-2024-8165 was published Aug 26, 2024
Mage AI Path Traversal vulnerability Moderate
CVE-2024-45188 was published for mage-ai (pip) Aug 23, 2024
Mage AI Path Traversal vulnerability Moderate
CVE-2024-45189 was published for mage-ai (pip) Aug 23, 2024
Path Traversal vulnerability discovered in OpenText™ CX-E Voice, affecting all version through... Moderate Unreviewed
CVE-2023-7260 was published Aug 22, 2024
NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the... Moderate Unreviewed
CVE-2024-7634 was published Aug 22, 2024
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2024-7602 was published Aug 21, 2024
ProTip! Advisories are also available from the GraphQL API