GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,751
Composer 4,748
Erlang 35
GitHub Actions 29
Go 2,321
Maven 5,605
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 921
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 257,943

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

51 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Stored Absolute Path Traversal vulnerabilities in ASPECT could expose sensitive data if... High Unreviewed

CVE-2024-13945 was published May 23, 2025

Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP... High Unreviewed

CVE-2025-2410 was published May 22, 2025

Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended... High Unreviewed

CVE-2024-48850 was published May 22, 2025

A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui,... Moderate Unreviewed

CVE-2024-12375 was published Mar 20, 2025

parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing... Moderate Unreviewed

CVE-2024-10047 was published Mar 20, 2025

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files... High Unreviewed

CVE-2024-48248 was published Mar 4, 2025

Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by... Moderate Unreviewed

CVE-2025-0001 was published Feb 17, 2025

In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure... Moderate Unreviewed

CVE-2024-6097 was published Feb 12, 2025

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive. Moderate Unreviewed

CVE-2024-57966 was published Feb 3, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed

CVE-2024-13160 was published Jan 14, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed

CVE-2024-13161 was published Jan 14, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed

CVE-2024-13159 was published Jan 14, 2025

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6... Critical Unreviewed

CVE-2024-10811 was published Jan 14, 2025

The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application... High Unreviewed

CVE-2024-12646 was published Dec 16, 2024

The tbm-client from Chunghwa Telecom has an Arbitrary File vulnerability. The application sets up... High Unreviewed

CVE-2024-12644 was published Dec 16, 2024

The tbm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application... High Unreviewed

CVE-2024-12643 was published Dec 16, 2024

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources.... Critical Unreviewed

CVE-2024-51549 was published Dec 5, 2024

DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote... High Unreviewed

CVE-2024-11978 was published Nov 29, 2024

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in... Moderate Unreviewed

CVE-2024-10651 was published Nov 1, 2024

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed

CVE-2024-20379 was published Oct 23, 2024

The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga... Critical Unreviewed

CVE-2024-9924 was published Oct 14, 2024

Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read... High Unreviewed

CVE-2024-8497 was published Sep 25, 2024

OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality,... Moderate Unreviewed

CVE-2024-8778 was published Sep 16, 2024

Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the... Moderate Unreviewed

CVE-2024-7323 was published Aug 2, 2024

An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers... High Unreviewed

CVE-2024-28806 was published Jul 29, 2024

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

51 advisories