GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
30 advisories
Filter by severity
** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting...
Moderate
Unreviewed
CVE-2022-22279
was published
Apr 14, 2022
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow...
Moderate
Unreviewed
CVE-2019-19287
was published
May 24, 2022
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which...
Moderate
Unreviewed
CVE-2021-32954
was published
May 24, 2022
The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal...
Moderate
Unreviewed
CVE-2021-32964
was published
May 25, 2022
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables...
Moderate
Unreviewed
CVE-2022-2106
was published
Jun 28, 2022
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow...
Moderate
Unreviewed
CVE-2023-20040
was published
Jan 20, 2023
A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an...
Moderate
Unreviewed
CVE-2023-1043
was published
Feb 26, 2023
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote...
Moderate
Unreviewed
CVE-2023-20066
was published
Mar 23, 2023
SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730...
Moderate
Unreviewed
CVE-2023-29189
was published
Apr 11, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
Moderate
Unreviewed
CVE-2022-42892
was published
Jul 6, 2023
An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an...
Moderate
Unreviewed
CVE-2023-2913
was published
Jul 18, 2023
A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion...
Moderate
Unreviewed
CVE-2023-47613
was published
Nov 9, 2023
A vulnerability classified as critical was found in jeecgboot JimuReport up to 1.6.1. Affected by...
Moderate
Unreviewed
CVE-2023-6307
was published
Nov 27, 2023
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path...
Moderate
Unreviewed
CVE-2024-22096
was published
Feb 2, 2024
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows...
Moderate
Unreviewed
CVE-2021-22281
was published
Feb 2, 2024
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL...
Moderate
Unreviewed
CVE-2024-24938
was published
Feb 6, 2024
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
Moderate
Unreviewed
CVE-2024-24942
was published
Feb 6, 2024
An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in...
Moderate
Unreviewed
CVE-2024-22398
was published
Mar 14, 2024
Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An...
Moderate
Unreviewed
CVE-2024-25944
was published
Mar 29, 2024
A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to...
Moderate
Unreviewed
CVE-2024-20352
was published
Apr 3, 2024
A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence...
Moderate
Unreviewed
CVE-2024-20310
was published
Apr 3, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC...
Moderate
Unreviewed
CVE-2024-37138
was published
Jun 26, 2024
CHANGING Mobile One Time Password does not properly filter parameters for the file download...
Moderate
Unreviewed
CVE-2024-3122
was published
Jul 1, 2024
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-38258
was published
Sep 10, 2024
An incorrect limitation of a path to a restricted directory (path traversal) has been detected in...
Moderate
Unreviewed
CVE-2024-9405
was published
Oct 1, 2024
ProTip!
Advisories are also available from the
GraphQL API