Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
Directory traversal in mkdocs High
CVE-2021-40978 was published for mkdocs (pip) Oct 12, 2021
Path traversal in flaskcode High
CVE-2023-52288 was published for flaskcode (pip) Jan 13, 2024
Path traversal in flaskcode High
CVE-2023-52289 was published for flaskcode (pip) Jan 13, 2024
Unsecured endpoints in the jupyter-lsp server extension High
CVE-2024-22415 was published for jupyter-lsp (pip) Jan 18, 2024
Gradio Path Traversal vulnerability High
CVE-2024-0964 was published for gradio (pip) Feb 6, 2024
Gradio makes the `/file` secure against file traversal and server-side request forgery attacks High
CVE-2023-51449 was published for gradio (pip) Dec 21, 2023
Yaniv-git nvn1729
Allegro AI ClearML path traversal vulnerability High
CVE-2024-24591 was published for clearml (pip) Feb 6, 2024
ESPHome vulnerable to remote code execution via arbitrary file write High
CVE-2024-27081 was published for esphome (pip) Mar 1, 2024
Gradio Local File Inclusion vulnerability High
CVE-2024-1728 was published for gradio (pip) Apr 10, 2024
NiceGUI allows potential access to local file system High
CVE-2024-32005 was published for nicegui (pip) Apr 12, 2024
sunriseXu
mlflow vulnerable to Path Traversal High
CVE-2024-1560 was published for mlflow (pip) Apr 16, 2024
mlflow vulnerable to Path Traversal High
CVE-2024-1593 was published for mlflow (pip) Apr 16, 2024
mlflow vulnerable to Path Traversal High
CVE-2024-1594 was published for mlflow (pip) Apr 16, 2024
Sanic arbitrary file read and directory traversal High
CVE-2017-16762 was published for sanic (pip) May 17, 2022
Path Traversal in Django High
CVE-2021-31542 was published for Django (pip) Jun 4, 2021
tdunlap607
Onnx Directory Traversal vulnerability High
CVE-2024-27318 was published for onnx (pip) Feb 23, 2024
iarspider
uWSGI Directory Traversal vulnerability High
CVE-2018-7490 was published for uWSGI (pip) May 14, 2022
Tryton Directory Traversal vulnerability High
CVE-2013-4510 was published for trytond (pip) May 17, 2022
Local file inclusion in gradio High
CVE-2024-4941 was published for gradio (pip) Jun 6, 2024
Path traversal in saltstack High
CVE-2024-22232 was published for salt (pip) Jun 27, 2024
lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE High
CVE-2024-5824 was published for lollms (pip) Jun 27, 2024
lollms vulnerable to path traversal due to unauthenticated root folder settings change High
CVE-2024-6085 was published for lollms (pip) Jun 27, 2024
Litestar and Starlite vulnerable to Path Traversal High
CVE-2024-32982 was published for litestar (pip) May 6, 2024
brian-edgar-re JacobCoffee
Local File Inclusion in Solara High
CVE-2024-39903 was published for solara (pip) Jul 12, 2024
sunriseXu
Weave server API vulnerable to arbitrary file leak High
CVE-2024-7340 was published for weave (pip) Jul 31, 2024
ProTip! Advisories are also available from the GraphQL API