Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,030
Erlang
29
GitHub Actions
17
Go
1,837
Maven
5,000+
npm
3,575
NuGet
634
pip
3,161
Pub
10
RubyGems
849
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
Owncast Path Traversal vulnerability Low
CVE-2024-31450 was published for github.com/owncast/owncast (Go) Aug 5, 2024
Symlink bypasses filesystem sandbox Low
CVE-2024-38358 was published for wasmer (Rust) Jun 7, 2024
yagehu
A path traversal vulnerability was reported in the Motorola Ready For application that could... Low Unreviewed
CVE-2023-41825 was published May 3, 2024
JADX file override vulnerability Low
GHSA-hvp5-5x4f-33fq was published for io.github.skylot:jadx-core (Maven) Apr 22, 2024
Cl0udG0d
phpMyFAQ Path Traversal in Attachments Low
CVE-2024-29196 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its... Low Unreviewed
CVE-2024-22226 was published Feb 12, 2024
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5... Low Unreviewed
CVE-2024-1433 was published Feb 12, 2024
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives Low Unreviewed
CVE-2024-24940 was published Feb 6, 2024
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary... Low Unreviewed
CVE-2023-50785 was published Jan 25, 2024
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does... Low Unreviewed
CVE-2023-2252 was published Jan 16, 2024
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue... Low Unreviewed
CVE-2024-0341 was published Jan 9, 2024
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal Low
GHSA-qwf7-rv77-fcr3 was published for iodine (RubyGems) Jan 4, 2024 withdrawn
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in... Low Unreviewed
CVE-2024-20805 was published Jan 4, 2024
Winter CMS Local File Inclusion through Server Side Template Injection Low
CVE-2023-52085 was published for winter/wn-backend-module (Composer) Jan 2, 2024
Sanineng
Using the directory back payload (“/../”) in a package name allows placement of package in other folders. Low
CVE-2023-49089 was published for Umbraco.CMS (NuGet) Dec 13, 2023
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient... Low Unreviewed
CVE-2023-49058 was published Dec 12, 2023
A vulnerability was found in ระบบบัญชีออนไลน์ Online Accounting System up to 1.4.0 and classified... Low Unreviewed
CVE-2018-25094 was published Dec 3, 2023
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to... Low Unreviewed
CVE-2023-6160 was published Nov 22, 2023
It was discovered that Kibana was not validating a user supplied path, which would load .pbf... Low Unreviewed
CVE-2021-22151 was published Nov 22, 2023
sbt vulnerable to arbitrary file write via archive extraction (Zip Slip) Low
CVE-2023-46122 was published for org.scala-sbt:io_2.12 (Maven) Oct 24, 2023
xuwei-k eed3si9n
Pleroma Path Traversal vulnerability Low
CVE-2023-5588 was published for pleroma (Erlang) Oct 16, 2023
A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been rated as problematic.... Low Unreviewed
CVE-2023-5327 was published Oct 2, 2023
A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as... Low Unreviewed
CVE-2023-5257 was published Sep 29, 2023
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR... Low Unreviewed
CVE-2023-5142 was published Sep 25, 2023
sudo-rs Session File Relative Path Traversal vulnerability Low
CVE-2023-42456 was published for sudo-rs (Rust) Sep 21, 2023
ProTip! Advisories are also available from the GraphQL API