Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

768 advisories

Loading
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The... Critical Unreviewed
CVE-2024-33879 was published Jun 24, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-37089 was published Jun 24, 2024
Multiple directory traversal vulnerabilities in the TFTP Server in Distinct Intranet Servers 3.10... Critical Unreviewed
CVE-2012-6664 was published Jun 22, 2024
The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table... Critical Unreviewed
CVE-2023-45197 was published Jun 21, 2024
DeepJavaLibrary API absolute path traversal Critical
CVE-2024-37902 was published for ai.djl:api (Maven) Jun 17, 2024
Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be... Critical Unreviewed
CVE-2024-27174 was published Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution by overwriting existing... Critical Unreviewed
CVE-2024-27173 was published Jun 14, 2024
The Toshiba printers provide several ways to upload files using the admin web interface. An... Critical Unreviewed
CVE-2024-27145 was published Jun 14, 2024
The Toshiba printers provide several ways to upload files using the web interface without... Critical Unreviewed
CVE-2024-27144 was published Jun 14, 2024
parisneo/lollms Local File Inclusion (LFI) attack Critical
CVE-2024-4315 was published for lollms (pip) Jun 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-35677 was published Jun 10, 2024
Vulnerability discovered by executing a planned security audit. Improper Limitation of a... Critical Unreviewed
CVE-2024-34762 was published Jun 10, 2024
willdurand/js-translation-bundle potential path traversal attack and remote code injection Critical
GHSA-x86x-qhf8-f37w was published for willdurand/js-translation-bundle (Composer) Jun 7, 2024
The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its... Critical Unreviewed
CVE-2024-3234 was published Jun 6, 2024
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the... Critical Unreviewed
CVE-2024-4320 was published Jun 6, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui version 9.3 on the Windows... Critical Unreviewed
CVE-2024-2362 was published Jun 6, 2024
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui... Critical Unreviewed
CVE-2024-2624 was published Jun 6, 2024
parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code... Critical Unreviewed
CVE-2024-2360 was published Jun 6, 2024
Remote code execution in mlflow Critical
CVE-2024-0520 was published for mlflow (pip) Jun 6, 2024
Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute... Critical Unreviewed
CVE-2024-34832 was published Jun 6, 2024
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all... Critical Unreviewed
CVE-2024-5153 was published Jun 6, 2024
Jan path traversal vulnerability Critical
CVE-2024-37273 was published for @janhq/core (npm) Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-33560 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-34551 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-36104 was published Jun 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database