Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,975
Maven
5,000+
npm
3,698
NuGet
654
pip
3,314
Pub
11
RubyGems
882
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

681 advisories

Loading
Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-40524 was published Jul 16, 2024
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182 Critical
CVE-2023-50731 was published for mindsdb (pip) Dec 15, 2023
sylwia-budzynska
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An... Critical Unreviewed
CVE-2021-42013 was published May 24, 2022
A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <=... Critical Unreviewed
CVE-2021-20090 was published May 24, 2022
The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is... Critical Unreviewed
CVE-2024-40422 was published Jul 24, 2024
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all... Critical Unreviewed
CVE-2024-5153 was published Jun 6, 2024
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This... Critical Unreviewed
CVE-2024-23472 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... Critical Unreviewed
CVE-2024-23475 was published Jul 17, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information... Critical Unreviewed
CVE-2024-23467 was published Jul 17, 2024
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code... Critical Unreviewed
CVE-2024-23466 was published Jul 17, 2024
Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2... Critical Unreviewed
CVE-2024-36059 was published Jun 28, 2024
Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be... Critical Unreviewed
CVE-2024-27174 was published Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution by overwriting existing... Critical Unreviewed
CVE-2024-27173 was published Jun 14, 2024
The Toshiba printers provide several ways to upload files using the web interface without... Critical Unreviewed
CVE-2024-27144 was published Jun 14, 2024
The Toshiba printers provide several ways to upload files using the admin web interface. An... Critical Unreviewed
CVE-2024-27145 was published Jun 14, 2024
An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a... Critical Unreviewed
CVE-2024-34313 was published Jun 24, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-36104 was published Jun 4, 2024
Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-33350 was published Apr 29, 2024
Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-31818 was published Apr 12, 2024
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This... Critical Unreviewed
CVE-2022-29464 was published Apr 20, 2022
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote... Critical Unreviewed
CVE-2024-6127 was published Jun 27, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The... Critical Unreviewed
CVE-2024-33879 was published Jun 24, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution... Critical Unreviewed
CVE-2024-4885 was published Jun 25, 2024
The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table... Critical Unreviewed
CVE-2023-45197 was published Jun 21, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-37089 was published Jun 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database