GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,292 advisories
The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite...
Critical | Unreviewed | CVE-2024-11642 was published Jan 9, 2025

The Permission Model assumes that any path starting with two backslashes \ has a four-character...
Low | Unreviewed | CVE-2024-37372 was published Jan 9, 2025

The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up...
High | Unreviewed | CVE-2024-9939 was published Jan 8, 2025

The InfiniteWP Client plugin for WordPress is vulnerable to Path Traversal in all versions up to,...
Moderate | Unreviewed | CVE-2024-10585 was published Jan 8, 2025

Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2023-52953 was published Jan 8, 2025

An attacker who successfully exploited these vulnerabilities could grant read access to files. A...
Moderate | Unreviewed | CVE-2024-12429 was published Jan 7, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Low | Unreviewed | CVE-2024-12425 was published Jan 7, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-56286 was published Jan 7, 2025

The MIPL WC Multisite Sync plugin for WordPress is vulnerable to Directory Traversal in all...
High | Unreviewed | CVE-2024-12152 was published Jan 7, 2025

The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all...
High | Unreviewed | CVE-2024-12849 was published Jan 7, 2025

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker...
Moderate | Unreviewed | CVE-2024-41765 was published Jan 4, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-56248 was published Jan 2, 2025

In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially...
Moderate | Unreviewed | CVE-2024-12105 was published Dec 31, 2024

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability...
High | Unreviewed | CVE-2024-11944 was published Dec 30, 2024

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35 and 7.10.x through 7.10.0.18....
Moderate | Unreviewed | CVE-2024-54452 was published Dec 27, 2024

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18,...
High | Unreviewed | CVE-2024-54453 was published Dec 27, 2024

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-12850 was published Dec 24, 2024

ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a...
High | Unreviewed | CVE-2024-53961 was published Dec 23, 2024

A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1....
High | Unreviewed | CVE-2024-44195 was published Dec 20, 2024

Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2024-12830 was published Dec 20, 2024

A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3....
Moderate | Unreviewed | CVE-2024-12793 was published Dec 19, 2024

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The...
Critical | Unreviewed | CVE-2024-55516 was published Dec 17, 2024

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component...
Critical | Unreviewed | CVE-2024-55513 was published Dec 17, 2024

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component...
Critical | Unreviewed | CVE-2024-55515 was published Dec 17, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-54375 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API.