Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

717 advisories

Loading
A path traversal vulnerability exists in the Java version of CData Connect < 23.4.8846 when... Critical Unreviewed
CVE-2024-31849 was published Apr 5, 2024
The parisneo/lollms-webui repository is susceptible to a path traversal vulnerability due to... Critical Unreviewed
CVE-2024-1511 was published Apr 10, 2024
Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-31818 was published Apr 12, 2024
Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-33350 was published Apr 29, 2024
D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-32165 was published May 3, 2024
LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40493 was published May 3, 2024
LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40497 was published May 3, 2024
LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40498 was published May 3, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-32113 was published May 8, 2024
Genie Path Traversal vulnerability via File Uploads Critical
CVE-2024-4701 was published for com.netflix.genie:genie-web (Maven) May 9, 2024
jmoritzc53 JoeBeeton
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and... Critical Unreviewed
CVE-2024-27810 was published May 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2023-32297 was published May 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-27954 was published May 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-31231 was published May 17, 2024
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path... Critical Unreviewed
CVE-2024-27776 was published Jun 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-36104 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-34551 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-33560 was published Jun 4, 2024
Jan path traversal vulnerability Critical
CVE-2024-37273 was published for @janhq/core (npm) Jun 4, 2024
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all... Critical Unreviewed
CVE-2024-5153 was published Jun 6, 2024
Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute... Critical Unreviewed
CVE-2024-34832 was published Jun 6, 2024
Remote code execution in mlflow Critical
CVE-2024-0520 was published for mlflow (pip) Jun 6, 2024
parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code... Critical Unreviewed
CVE-2024-2360 was published Jun 6, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui version 9.3 on the Windows... Critical Unreviewed
CVE-2024-2362 was published Jun 6, 2024
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui... Critical Unreviewed
CVE-2024-2624 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database