GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
6,053 advisories
Filter by severity
In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration...
High
Unreviewed
CVE-2024-25659
was published
Oct 1, 2024
The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up...
Moderate
Unreviewed
CVE-2024-9224
was published
Oct 1, 2024
An issue in the _readFileSync function of Simple-Spellchecker v1.0.2 allows attackers to read...
High
Unreviewed
CVE-2024-46503
was published
Sep 30, 2024
Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote...
High
Unreviewed
CVE-2024-33369
was published
Sep 27, 2024
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is...
High
Unreviewed
CVE-2024-7149
was published
Sep 27, 2024
Path traversal vulnerability in the Bluetooth module
Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2024-47292
was published
Sep 27, 2024
Agnai vulnerable to Relative Path Traversal in Image Upload
Low
CVE-2024-47171
was published
for
agnai
(npm)
Sep 26, 2024
Agnai File Disclosure Vulnerability: JSON via Path Traversal
Low
CVE-2024-47170
was published
for
agnai
(npm)
Sep 26, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
Critical
CVE-2024-47169
was published
for
agnai
(npm)
Sep 26, 2024
An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access...
Moderate
Unreviewed
CVE-2024-46327
was published
Sep 26, 2024
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion...
High
Unreviewed
CVE-2024-8704
was published
Sep 26, 2024
Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3...
High
Unreviewed
CVE-2024-44825
was published
Sep 25, 2024
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat...
High
Unreviewed
CVE-2024-8941
was published
Sep 25, 2024
Cross site scripting in Concrete CMS
Low
CVE-2024-8291
was published
for
concrete5/concrete5
(Composer)
Sep 25, 2024
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain...
High
Unreviewed
CVE-2023-26687
was published
Sep 25, 2024
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run...
High
Unreviewed
CVE-2023-26691
was published
Sep 25, 2024
The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-8671
was published
Sep 24, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-43996
was published
Sep 23, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-44048
was published
Sep 23, 2024
The vulnerability allows an attacker to craft MQTT messages that include relative path traversal...
Moderate
Unreviewed
CVE-2024-6786
was published
Sep 21, 2024
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files.
Moderate
Unreviewed
CVE-2024-46647
was published
Sep 20, 2024
eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file.
Moderate
Unreviewed
CVE-2024-46646
was published
Sep 20, 2024
eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files.
High
Unreviewed
CVE-2024-46645
was published
Sep 20, 2024
eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder.
High
Unreviewed
CVE-2024-46649
was published
Sep 20, 2024
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder.
High
Unreviewed
CVE-2024-46648
was published
Sep 20, 2024
ProTip!
Advisories are also available from the
GraphQL API