Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

29 advisories

Loading
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which... Moderate Unreviewed
CVE-2021-32954 was published May 24, 2022
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow... Moderate Unreviewed
CVE-2019-19287 was published May 24, 2022
A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an... Moderate Unreviewed
CVE-2023-1043 was published Feb 26, 2023
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote... Moderate Unreviewed
CVE-2023-20066 was published Mar 23, 2023
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables... Moderate Unreviewed
CVE-2022-2106 was published Jun 28, 2022
The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal... Moderate Unreviewed
CVE-2021-32964 was published May 25, 2022
** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting... Moderate Unreviewed
CVE-2022-22279 was published Apr 14, 2022
A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion... Moderate Unreviewed
CVE-2023-47613 was published Nov 9, 2023
A vulnerability classified as critical was found in jeecgboot JimuReport up to 1.6.1. Affected by... Moderate Unreviewed
CVE-2023-6307 was published Nov 27, 2023
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow... Moderate Unreviewed
CVE-2023-20040 was published Jan 20, 2023
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path... Moderate Unreviewed
CVE-2024-22096 was published Feb 2, 2024
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives Moderate Unreviewed
CVE-2024-24942 was published Feb 6, 2024
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows... Moderate Unreviewed
CVE-2021-22281 was published Feb 2, 2024
Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An... Moderate Unreviewed
CVE-2024-25944 was published Mar 29, 2024
A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to... Moderate Unreviewed
CVE-2024-20352 was published Apr 3, 2024
A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence... Moderate Unreviewed
CVE-2024-20310 was published Apr 3, 2024
SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730... Moderate Unreviewed
CVE-2023-29189 was published Apr 11, 2023
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics... Moderate Unreviewed
CVE-2022-42892 was published Jul 6, 2023
An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an... Moderate Unreviewed
CVE-2023-2913 was published Jul 18, 2023
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC... Moderate Unreviewed
CVE-2024-37138 was published Jun 26, 2024
CHANGING Mobile One Time Password does not properly filter parameters for the file download... Moderate Unreviewed
CVE-2024-3122 was published Jul 1, 2024
An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in... Moderate Unreviewed
CVE-2024-22398 was published Mar 14, 2024
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL... Moderate Unreviewed
CVE-2024-24938 was published Feb 6, 2024
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-38258 was published Sep 10, 2024
An incorrect limitation of a path to a restricted directory (path traversal) has been detected in... Moderate Unreviewed
CVE-2024-9405 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database