Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

685 advisories

Loading
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote... Critical Unreviewed
CVE-2024-6127 was published Jun 27, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The... Critical Unreviewed
CVE-2024-33879 was published Jun 24, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution... Critical Unreviewed
CVE-2024-4885 was published Jun 25, 2024
The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table... Critical Unreviewed
CVE-2023-45197 was published Jun 21, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-37089 was published Jun 24, 2024
DeepJavaLibrary API absolute path traversal Critical
CVE-2024-37902 was published for ai.djl:api (Maven) Jun 17, 2024
parisneo/lollms Local File Inclusion (LFI) attack Critical
CVE-2024-4315 was published for lollms (pip) Jun 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-35677 was published Jun 10, 2024
Vulnerability discovered by executing a planned security audit. Improper Limitation of a... Critical Unreviewed
CVE-2024-34762 was published Jun 10, 2024
willdurand/js-translation-bundle potential path traversal attack and remote code injection Critical
GHSA-x86x-qhf8-f37w was published for willdurand/js-translation-bundle (Composer) Jun 7, 2024
The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its... Critical Unreviewed
CVE-2024-3234 was published Jun 6, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-33560 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-34551 was published Jun 4, 2024
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path... Critical Unreviewed
CVE-2024-27776 was published Jun 2, 2024
sjqzhang go-fastdfs vulnerable to path traversal Critical
CVE-2023-1800 was published for github.com/sjqzhang/go-fastdfs (Go) Apr 2, 2023
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2023-32297 was published May 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-31231 was published May 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-27954 was published May 17, 2024
Genie Path Traversal vulnerability via File Uploads Critical
CVE-2024-4701 was published for com.netflix.genie:genie-web (Maven) May 9, 2024
jmoritzc53 JoeBeeton
LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40498 was published May 3, 2024
LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40493 was published May 3, 2024
LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40497 was published May 3, 2024
D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-32165 was published May 3, 2024
MailDev Remote Code Execution Critical
CVE-2024-27448 was published for maildev (npm) Apr 5, 2024
stypr
There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation... Critical Unreviewed
CVE-2024-25693 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database