Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,030
Erlang
29
GitHub Actions
17
Go
1,837
Maven
5,000+
npm
3,575
NuGet
634
pip
3,161
Pub
10
RubyGems
849
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,875 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-37437 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-37410 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-37419 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-37462 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-37454 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-37266 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-37268 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-37224 was published Jul 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-37547 was published Jul 6, 2024
MyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via... Moderate Unreviewed
CVE-2024-39178 was published Jul 5, 2024
supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files. High Unreviewed
CVE-2024-39937 was published Jul 5, 2024
Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat High
CVE-2024-24749 was published for org.geoserver.web:gs-web-app (Maven) Jul 1, 2024
Kai5174 sikeoka
jodygarnett
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could... High Unreviewed
CVE-2024-36991 was published Jul 1, 2024
Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2... Critical Unreviewed
CVE-2024-36059 was published Jun 28, 2024
lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE High
CVE-2024-5824 was published for lollms (pip) Jun 27, 2024
lollms vulnerable to path traversal due to unauthenticated root folder settings change High
CVE-2024-6085 was published for lollms (pip) Jun 27, 2024
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote... Critical Unreviewed
CVE-2024-6127 was published Jun 27, 2024
Path Traversal in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5548 was published Jun 27, 2024
Directory creation by malicious user in saltstack Moderate
CVE-2024-22231 was published for salt (pip) Jun 27, 2024
Path traversal in saltstack High
CVE-2024-22232 was published for salt (pip) Jun 27, 2024
In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A... Moderate Unreviewed
CVE-2024-5017 was published Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal... Moderate Unreviewed
CVE-2024-5018 was published Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3,  an unauthenticated Arbitrary File Read issue... Moderate Unreviewed
CVE-2024-5019 was published Jun 25, 2024
A Path Traversal and Remote File Inclusion (RFI) vulnerability exists in the parisneo/lollms... High Unreviewed
CVE-2024-4498 was published Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution... Critical Unreviewed
CVE-2024-4885 was published Jun 25, 2024
ProTip! Advisories are also available from the GraphQL API