Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

142 advisories

Loading
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives Moderate Unreviewed
CVE-2024-24942 was published Feb 6, 2024
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its... Low Unreviewed
CVE-2024-22226 was published Feb 12, 2024
registry-support: decompress can delete files outside scope via relative paths Moderate
CVE-2024-1485 was published for github.com/devfile/registry-support/registry-library (Go) Feb 14, 2024
cebarks
Helm dependency management path traversal Moderate
CVE-2024-25620 was published for helm.sh/helm/v3 (Go) Feb 15, 2024
dominykas
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0... High Unreviewed
CVE-2023-42791 was published Feb 20, 2024
A user who is privileged already `manager` or `admin` can set their profile picture via the... Critical Unreviewed
CVE-2024-0550 was published Feb 28, 2024
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed
CVE-2024-27199 was published Mar 4, 2024
An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in... Moderate Unreviewed
CVE-2024-22398 was published Mar 14, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal High Unreviewed
CVE-2024-27770 was published Mar 18, 2024
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied... High Unreviewed
CVE-2024-2053 was published Mar 21, 2024
Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An... Moderate Unreviewed
CVE-2024-25944 was published Mar 29, 2024
A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence... Moderate Unreviewed
CVE-2024-20310 was published Apr 3, 2024
A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to... Moderate Unreviewed
CVE-2024-20352 was published Apr 3, 2024
ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API... High Unreviewed
CVE-2024-0335 was published Apr 3, 2024
mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation... Critical Unreviewed
CVE-2024-3025 was published Apr 10, 2024
Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builder High
CVE-2021-27916 was published for mautic/core (Composer) Apr 12, 2024
adiux mollux
NiceGUI allows potential access to local file system High
CVE-2024-32005 was published for nicegui (pip) Apr 12, 2024
sunriseXu
mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing... High Unreviewed
CVE-2024-0549 was published Apr 16, 2024
Windows Hyper-V Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30010 was published May 14, 2024
Oceanic allows unsanitized user input to lead to path traversal in URLs Moderate
CVE-2024-34712 was published for oceanic.js (npm) May 14, 2024
Vendicated DonovanDMC
Nuckyz
A specially crafted Zip file containing path traversal characters can be imported to the ... High Unreviewed
CVE-2024-33615 was published May 15, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access... High Unreviewed
CVE-2023-3940 was published May 21, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write... Critical Unreviewed
CVE-2023-3941 was published May 21, 2024
gix traversal outside working tree enables arbitrary code execution High
CVE-2024-35186 was published for gitoxide (Rust) May 22, 2024
EliahKagan Byron
path traversal vulnerability was identified in the parisneo/lollms-webui Moderate
CVE-2024-4330 was published for lollms (pip) Jun 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database