GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,782
Erlang
36
GitHub Actions
29
Go
2,346
Maven
5,000+
npm
3,976
NuGet
720
pip
3,772
Pub
12
RubyGems
923
Rust
980
Swift
38
Unreviewed advisories
All unreviewed
5,000+
89 advisories
Filter by severity
setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write
High
CVE-2025-47273
was published
for
setuptools
(pip)
May 19, 2025
MLflow has a Local File Read/Path Traversal bypass
High
CVE-2024-3848
was published
for
mlflow
(pip)
May 16, 2024
Open Neural Network Exchange (ONNX) Path Traversal Vulnerability
High
CVE-2024-7776
was published
for
onnx
(pip)
Mar 20, 2025
GluonCV Arbitrary File Write via TarSlip
High
CVE-2024-12216
was published
for
gluoncv
(pip)
Mar 20, 2025
MLflow has a Local File Read/Path Traversal in dbfs
High
CVE-2024-8859
was published
for
mlflow
(pip)
Mar 20, 2025
AgentScope directory traversal vulnerability in /read-examples
High
CVE-2024-8524
was published
for
agentscope
(pip)
Mar 20, 2025
AgentScope Path Traversal in /api/file
High
CVE-2024-8438
was published
for
agentscope
(pip)
Mar 20, 2025
Label Studio has a Path Traversal Vulnerability via image Field
High
CVE-2025-25295
was published
for
label-studio-sdk
(pip)
Feb 14, 2025
Onnx Directory Traversal vulnerability
High
CVE-2024-27318
was published
for
onnx
(pip)
Feb 23, 2024
luigi Arbitrary File Write via Archive Extraction (Zip Slip)
High
CVE-2024-21542
was published
for
luigi
(pip)
Dec 10, 2024
ESPHome vulnerable to remote code execution via arbitrary file write
High
CVE-2024-27081
was published
for
esphome
(pip)
Mar 1, 2024
onnx allows Arbitrary File Overwrite in download_model_with_test_data
High
CVE-2024-5187
was published
for
onnx
(pip)
Jun 6, 2024
changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal
High
CVE-2024-56509
was published
for
changedetection.io
(pip)
Dec 27, 2024
python-libarchive directory traversal
High
CVE-2024-55587
was published
for
python-libarchive
(pip)
Dec 12, 2024
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182
High
CVE-2023-50731
was published
for
mindsdb
(pip)
Dec 15, 2023
Remote Code Execution via traversal in TAL expressions
High
CVE-2021-32674
was published
for
Zope
(pip)
Jun 8, 2021
Remote Code Execution via traversal in TAL expressions
High
CVE-2021-32633
was published
for
Zope
(pip)
Jun 18, 2021
Duplicate Advisory: Path Traversal in Zope
High
GHSA-5vq5-pg3r-9ph3
was published
for
Zope
(pip)
Jun 10, 2021
•
withdrawn
Duplicate Advisory: Path Traversal in Zope
High
GHSA-962m-m8jw-8wrr
was published
for
Zope
(pip)
Jun 15, 2021
•
withdrawn
uWSGI Directory Traversal vulnerability
High
CVE-2018-7490
was published
for
uWSGI
(pip)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API