GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
156 advisories
Filter by severity
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate
Unreviewed
CVE-2021-1282
was published
May 24, 2022
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate
Unreviewed
CVE-2021-1364
was published
May 24, 2022
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate
Unreviewed
CVE-2021-1355
was published
May 24, 2022
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate
Unreviewed
CVE-2021-1357
was published
May 24, 2022
Path traversal vulnerability in Chalemelon Power framework, affecting the getImage parameter....
High
Unreviewed
CVE-2023-6252
was published
Nov 22, 2023
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an...
High
Unreviewed
CVE-2023-46690
was published
Dec 1, 2023
In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an...
High
Unreviewed
CVE-2023-47279
was published
Dec 1, 2023
: Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability...
Moderate
Unreviewed
CVE-2023-41793
was published
Mar 19, 2024
The discontinued FFS Colibri product allows a remote user to access files on the system including...
Moderate
Unreviewed
CVE-2023-5885
was published
Nov 28, 2023
In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible
High
Unreviewed
CVE-2022-48476
was published
Apr 24, 2023
In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a...
High
Unreviewed
CVE-2023-32714
was published
Jun 1, 2023
SAP Asset Accounting could allow a high privileged attacker to exploit insufficient validation of...
High
Unreviewed
CVE-2024-27901
was published
Apr 9, 2024
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks,...
High
Unreviewed
CVE-2024-39171
was published
Jul 9, 2024
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could...
High
Unreviewed
CVE-2024-36991
was published
Jul 1, 2024
**UNSUPPORTED WHEN ASSIGNED** Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1...
Critical
Unreviewed
CVE-2024-40505
was published
Jul 16, 2024
An authenticated user can download sensitive files from Trellix products NX, EX, FX, AX, IVX, ...
Moderate
Unreviewed
CVE-2024-7608
was published
Aug 27, 2024
htmly v2.9.6 was discovered to contain an arbitrary file deletion vulnerability via the...
Moderate
Unreviewed
CVE-2024-34191
was published
May 14, 2024
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support,...
High
Unreviewed
CVE-2024-0113
was published
Aug 12, 2024
Multi-DNC – CWE-35: Path Traversal: '.../...//'
High
Unreviewed
CVE-2024-45248
was published
Oct 6, 2024
Marinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API ledlimit.cgi...
Moderate
Unreviewed
CVE-2024-0067
was published
Sep 10, 2024
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del...
High
Unreviewed
CVE-2023-21415
was published
Oct 16, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API...
High
Unreviewed
CVE-2023-21416
was published
Nov 21, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program,
has found that the VAPIX API...
High
Unreviewed
CVE-2023-21417
was published
Nov 21, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup...
High
Unreviewed
CVE-2023-21418
was published
Nov 21, 2023
The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability....
High
Unreviewed
CVE-2024-11136
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API