Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

718 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-33560 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-34551 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-36104 was published Jun 4, 2024
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path... Critical Unreviewed
CVE-2024-27776 was published Jun 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-27954 was published May 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-31231 was published May 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2023-32297 was published May 17, 2024
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and... Critical Unreviewed
CVE-2024-27810 was published May 14, 2024
Genie Path Traversal vulnerability via File Uploads Critical
CVE-2024-4701 was published for com.netflix.genie:genie-web (Maven) May 9, 2024
jmoritzc53 JoeBeeton
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-32113 was published May 8, 2024
LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40497 was published May 3, 2024
LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40493 was published May 3, 2024
LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-40498 was published May 3, 2024
D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-32165 was published May 3, 2024
Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-33350 was published Apr 29, 2024
Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-31818 was published Apr 12, 2024
The parisneo/lollms-webui repository is susceptible to a path traversal vulnerability due to... Critical Unreviewed
CVE-2024-1511 was published Apr 10, 2024
A path traversal vulnerability exists in the Java version of CData Connect < 23.4.8846 when... Critical Unreviewed
CVE-2024-31849 was published Apr 5, 2024
A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when... Critical Unreviewed
CVE-2024-31848 was published Apr 5, 2024
MailDev Remote Code Execution Critical
CVE-2024-27448 was published for maildev (npm) Apr 5, 2024
stypr
There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation... Critical Unreviewed
CVE-2024-25693 was published Apr 4, 2024
Lektor does not sanitize database path traversal Critical
CVE-2024-28335 was published for Lektor (pip) Mar 27, 2024
This vulnerability allows access to arbitrary files in the application server file system due to... Critical Unreviewed
CVE-2024-2227 was published Mar 22, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow... Critical Unreviewed
CVE-2024-27768 was published Mar 18, 2024
Pterodactyl Wings vulnerable to improper isolation of server file access Critical
CVE-2024-27102 was published for github.com/pterodactyl/wings (Go) Mar 15, 2024
KurtThiemann aft2d
matthewpi
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database