GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
5,839 advisories
Filter by severity
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2024-7564
was published
Aug 6, 2024
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic....
Moderate
Unreviewed
CVE-2024-7551
was published
Aug 6, 2024
The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all...
High
Unreviewed
CVE-2024-5709
was published
Aug 6, 2024
Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read.
High
Unreviewed
CVE-2024-6781
was published
Aug 6, 2024
Reposilite Arbitrary File Read vulnerability
High
CVE-2024-36117
was published
for
com.reposilite:reposilite-backend
(Maven)
Aug 5, 2024
Owncast Path Traversal vulnerability
Low
CVE-2024-31450
was published
for
github.com/owncast/owncast
(Go)
Aug 5, 2024
Nuxt Devtools has a Path Traversal: '../filedir'
High
CVE-2024-23657
was published
for
@nuxt/devtools
(npm)
Aug 5, 2024
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue...
Moderate
Unreviewed
CVE-2024-7458
was published
Aug 5, 2024
Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`)
High
CVE-2024-36116
was published
for
com.reposilite:reposilite-backend
(Maven)
Aug 2, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected...
Moderate
Unreviewed
CVE-2024-38878
was published
Aug 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-39619
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-39624
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-39621
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-38768
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-38772
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-38746
was published
Aug 1, 2024
Weave server API vulnerable to arbitrary file leak
High
CVE-2024-7340
was published
for
weave
(pip)
Jul 31, 2024
Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A...
Moderate
Unreviewed
CVE-2024-37129
was published
Jul 31, 2024
Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory
High
Unreviewed
CVE-2024-41695
was published
Jul 30, 2024
Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2024-7248
was published
Jul 30, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users
High
CVE-2024-41799
was published
for
Tgstation.Server.Api
(NuGet)
Jul 29, 2024
Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this...
High
Unreviewed
CVE-2024-41726
was published
Jul 29, 2024
Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0...
High
Unreviewed
CVE-2024-41628
was published
Jul 26, 2024
SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files.
Moderate
Unreviewed
CVE-2024-42007
was published
Jul 26, 2024
ICEcoder Path Traversal vulnerability
Moderate
CVE-2024-41373
was published
for
icecoder/icecoder
(Composer)
Jul 26, 2024
ProTip!
Advisories are also available from the
GraphQL API