GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,562 advisories
In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to...
High | Unreviewed | CVE-2024-6618 was published Aug 13, 2024

Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11...
High | Unreviewed | CVE-2024-23787 was published Aug 13, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-43135 was published Aug 13, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-39651 was published Aug 13, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-43140 was published Aug 13, 2024

Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
High | CVE-2024-42485 was published for pxlrbt/filament-excel (Composer) Aug 12, 2024

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability involves...
High | Unreviewed | CVE-2024-33535 was published Aug 12, 2024

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9...
High | Unreviewed | CVE-2024-7399 was published Aug 12, 2024

A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi...
High | Unreviewed | CVE-2024-41936 was published Aug 12, 2024

Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem...
High | Unreviewed | CVE-2024-6707 was published Aug 8, 2024

The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all...
High | Unreviewed | CVE-2024-5709 was published Aug 6, 2024

Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read.
High | Unreviewed | CVE-2024-6781 was published Aug 6, 2024

Reposilite Arbitrary File Read vulnerability
High | CVE-2024-36117 was published for com.reposilite:reposilite-backend (Maven) Aug 5, 2024

Nuxt Devtools has a Path Traversal: '../filedir'
High | CVE-2024-23657 was published for @nuxt/devtools (npm) Aug 5, 2024

Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`)
High | CVE-2024-36116 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-39621 was published Aug 1, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-39624 was published Aug 1, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-38746 was published Aug 1, 2024

Weave server API vulnerable to arbitrary file leak
High | CVE-2024-7340 was published for weave (pip) Jul 31, 2024

Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory
High | Unreviewed | CVE-2024-41695 was published Jul 30, 2024

Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2024-7248 was published Jul 30, 2024

tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users
High | CVE-2024-41799 was published for Tgstation.Server.Api (NuGet) Jul 29, 2024

Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this...
High | Unreviewed | CVE-2024-41726 was published Jul 29, 2024

Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0...
High | Unreviewed | CVE-2024-41628 was published Jul 26, 2024

The MaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles plugin for WordPress is...
High | Unreviewed | CVE-2024-6885 was published Jul 23, 2024