GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
67 advisories
Filter by severity
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0...
High
Unreviewed
CVE-2023-42791
was published
Feb 20, 2024
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ...
High
Unreviewed
CVE-2024-27199
was published
Mar 4, 2024
TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The...
High
Unreviewed
CVE-2024-12642
was published
Dec 16, 2024
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in...
High
Unreviewed
CVE-2024-54154
was published
Dec 4, 2024
The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote...
High
Unreviewed
CVE-2024-11067
was published
Nov 11, 2024
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-11310
was published
Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-11309
was published
Nov 18, 2024
@backstage/plugin-techdocs-backend storage bucket Directory Traversal vulnerability
High
CVE-2024-45816
was published
for
@backstage/plugin-techdocs-backend
(npm)
Sep 17, 2024
Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File...
High
Unreviewed
CVE-2024-50453
was published
Oct 28, 2024
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing...
High
Unreviewed
CVE-2024-10200
was published
Oct 21, 2024
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user...
High
Unreviewed
CVE-2024-45731
was published
Oct 14, 2024
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter,...
High
Unreviewed
CVE-2024-9983
was published
Oct 15, 2024
Maliciously Crafted Model Archive Can Lead To Arbitrary File Write
High
CVE-2021-41127
was published
for
rasa
(pip)
Oct 22, 2021
Relative Path Traversal vulnerability in James Park Analyse Uploads allows Relative Path...
High
Unreviewed
CVE-2024-49253
was published
Oct 16, 2024
: Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Path...
High
Unreviewed
CVE-2024-47637
was published
Oct 16, 2024
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing...
High
Unreviewed
CVE-2024-9922
was published
Oct 14, 2024
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated,...
High
Unreviewed
CVE-2024-20449
was published
Oct 2, 2024
Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builder
High
CVE-2021-27916
was published
for
mautic/core
(Composer)
Apr 12, 2024
ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API...
High
Unreviewed
CVE-2024-0335
was published
Apr 3, 2024
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43454
was published
Sep 10, 2024
Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal...
High
Unreviewed
CVE-2024-7693
was published
Aug 12, 2024
Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files
High
CVE-2024-43399
was published
for
mobsf
(pip)
Aug 19, 2024
gix traversal outside working tree enables arbitrary code execution
High
CVE-2024-35186
was published
for
gitoxide
(Rust)
May 22, 2024
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied...
High
Unreviewed
CVE-2024-2053
was published
Mar 21, 2024
ProTip!
Advisories are also available from the
GraphQL API