GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
172 advisories
Filter by severity
Path traveral in Streamlit on windows
Moderate
CVE-2024-42474
was published
for
streamlit
(pip)
Aug 12, 2024
libre-chat Path Traversal vulnerability
Moderate
CVE-2024-52787
was published
for
libre-chat
(pip)
Nov 25, 2024
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182
High
CVE-2023-50731
was published
for
mindsdb
(pip)
Dec 15, 2023
OpenStack Nova Directory traversal vulnerability
Moderate
CVE-2012-3360
was published
for
nova
(pip)
May 17, 2022
GitPython blind local file inclusion
Moderate
CVE-2023-41040
was published
for
GitPython
(pip)
Aug 30, 2023
Remote Code Execution via traversal in TAL expressions
High
CVE-2021-32674
was published
for
Zope
(pip)
Jun 8, 2021
Remote Code Execution via traversal in TAL expressions
High
CVE-2021-32633
was published
for
Zope
(pip)
Jun 18, 2021
Duplicate Advisory: Path Traversal in Zope
High
GHSA-5vq5-pg3r-9ph3
was published
for
Zope
(pip)
Jun 10, 2021
•
withdrawn
Duplicate Advisory: Path Traversal in Zope
High
GHSA-962m-m8jw-8wrr
was published
for
Zope
(pip)
Jun 15, 2021
•
withdrawn
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request
Low
CVE-2020-15239
was published
for
xmpp-http-upload
(pip)
Oct 6, 2020
UBI Reader vulnerable to Path Traversal
Moderate
CVE-2022-4572
was published
for
ubi-reader
(pip)
Dec 17, 2022
uWSGI Directory Traversal vulnerability
High
CVE-2018-7490
was published
for
uWSGI
(pip)
May 14, 2022
Tryton Directory Traversal vulnerability
High
CVE-2013-4510
was published
for
trytond
(pip)
May 17, 2022
aiohttp is vulnerable to directory traversal
High
CVE-2024-23334
was published
for
aiohttp
(pip)
Jan 29, 2024
Apache Airflow Path Traversal vulnerability
High
CVE-2023-22887
was published
for
apache-airflow
(pip)
Jul 12, 2023
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package
Low
CVE-2022-23531
was published
for
guarddog
(pip)
Dec 2, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Low
CVE-2022-23530
was published
for
guarddog
(pip)
Dec 5, 2022
Files on the host computer can be accessed from the Gradio interface
Critical
CVE-2021-43831
was published
for
gradio
(pip)
Jan 21, 2022
Arbitrary file reading vulnerability in Aim
Critical
CVE-2021-43775
was published
for
aim
(pip)
Nov 23, 2021
The Fuck Arbitrary File Deletion via Path Traversal
High
CVE-2021-34363
was published
for
thefuck
(pip)
Jun 15, 2021
changedetection.io path traversal using file URI scheme without supplying hostname
High
CVE-2024-51998
was published
for
changedetection.io
(pip)
Nov 7, 2024
Gradio vulnerable to arbitrary file read with File and UploadButton components
Moderate
CVE-2024-51751
was published
for
gradio
(pip)
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API