GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,030
Erlang: 29
GitHub Actions: 17
Go: 1,837
Maven: 5,000+
npm: 3,575
NuGet: 634
pip: 3,161
Pub: 10
RubyGems: 849
Rust: 798
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
5,875 advisories
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-37437 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-37410 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High, Unreviewed. CVE-2024-37419 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High, Unreviewed. CVE-2024-37462 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-37454 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-37266 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High, Unreviewed. CVE-2024-37268 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High, Unreviewed. CVE-2024-37224 was published Jul 9, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-37547 was published Jul 6, 2024

MyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via...
Moderate, Unreviewed. CVE-2024-39178 was published Jul 5, 2024

supOS 5.0 allows api/image/download?fileName=../ directory traversal for reading files.
High, Unreviewed. CVE-2024-39937 was published Jul 5, 2024

Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat
High. CVE-2024-24749 was published for org.geoserver.web:gs-web-app (Maven) Jul 1, 2024

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could...
High, Unreviewed. CVE-2024-36991 was published Jul 1, 2024

Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart up to and including version 2...
Critical, Unreviewed. CVE-2024-36059 was published Jun 28, 2024

lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE
High. CVE-2024-5824 was published for lollms (pip) Jun 27, 2024

lollms vulnerable to path traversal due to unauthenticated root folder settings change
High. CVE-2024-6085 was published for lollms (pip) Jun 27, 2024

BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote...
Critical, Unreviewed. CVE-2024-6127 was published Jun 27, 2024

Path Traversal in GitHub repository stitionai/devika prior to -.
High, Unreviewed. CVE-2024-5548 was published Jun 27, 2024

Directory creation by malicious user in saltstack
Moderate. CVE-2024-22231 was published for salt (pip) Jun 27, 2024

In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A...
Moderate, Unreviewed. CVE-2024-5017 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal...
Moderate, Unreviewed. CVE-2024-5018 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Arbitrary File Read issue...
Moderate, Unreviewed. CVE-2024-5019 was published Jun 25, 2024

A Path Traversal and Remote File Inclusion (RFI) vulnerability exists in the parisneo/lollms...
High, Unreviewed. CVE-2024-4498 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution...
Critical, Unreviewed. CVE-2024-4885 was published Jun 25, 2024

ProTip! Advisories are also available from the GraphQL API.