GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,631 advisories
Filter by severity
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-39651
was published
Aug 13, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-43140
was published
Aug 13, 2024
Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
High
CVE-2024-42485
was published
for
pxlrbt/filament-excel
(Composer)
Aug 12, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability involves...
High
Unreviewed
CVE-2024-33535
was published
Aug 12, 2024
Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal...
High
Unreviewed
CVE-2024-7693
was published
Aug 12, 2024
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9...
High
Unreviewed
CVE-2024-7399
was published
Aug 12, 2024
A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi...
High
Unreviewed
CVE-2024-41936
was published
Aug 12, 2024
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support,...
High
Unreviewed
CVE-2024-0113
was published
Aug 12, 2024
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem...
High
Unreviewed
CVE-2024-6707
was published
Aug 8, 2024
The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all...
High
Unreviewed
CVE-2024-5709
was published
Aug 6, 2024
Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read.
High
Unreviewed
CVE-2024-6781
was published
Aug 6, 2024
Reposilite Arbitrary File Read vulnerability
High
CVE-2024-36117
was published
for
com.reposilite:reposilite-backend
(Maven)
Aug 5, 2024
Nuxt Devtools has a Path Traversal: '../filedir'
High
CVE-2024-23657
was published
for
@nuxt/devtools
(npm)
Aug 5, 2024
Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`)
High
CVE-2024-36116
was published
for
com.reposilite:reposilite-backend
(Maven)
Aug 2, 2024
AndServer 2.1.12 is vulnerable to Directory Traversal.
High
Unreviewed
CVE-2024-41310
was published
Aug 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-39624
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-39621
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-38746
was published
Aug 1, 2024
Weave server API vulnerable to arbitrary file leak
High
CVE-2024-7340
was published
for
weave
(pip)
Jul 31, 2024
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows...
High
Unreviewed
CVE-2024-6255
was published
Jul 31, 2024
Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory
High
Unreviewed
CVE-2024-41695
was published
Jul 30, 2024
Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2024-7248
was published
Jul 30, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users
High
CVE-2024-41799
was published
for
Tgstation.Server.Api
(NuGet)
Jul 29, 2024
Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this...
High
Unreviewed
CVE-2024-41726
was published
Jul 29, 2024
Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0...
High
Unreviewed
CVE-2024-41628
was published
Jul 26, 2024
ProTip!
Advisories are also available from the
GraphQL API