GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
555 advisories
Filter by severity
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code...
Critical
Unreviewed
CVE-2024-23466
was published
Jul 17, 2024
Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-40524
was published
Jul 16, 2024
Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2...
Critical
Unreviewed
CVE-2024-36059
was published
Jun 28, 2024
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote...
Critical
Unreviewed
CVE-2024-6127
was published
Jun 27, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution...
Critical
Unreviewed
CVE-2024-4885
was published
Jun 25, 2024
An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a...
Critical
Unreviewed
CVE-2024-34313
was published
Jun 24, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The...
Critical
Unreviewed
CVE-2024-33879
was published
Jun 24, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-37089
was published
Jun 24, 2024
Multiple directory traversal vulnerabilities in the TFTP Server in Distinct Intranet Servers 3.10...
Critical
Unreviewed
CVE-2012-6664
was published
Jun 22, 2024
The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table...
Critical
Unreviewed
CVE-2023-45197
was published
Jun 21, 2024
Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be...
Critical
Unreviewed
CVE-2024-27174
was published
Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution by overwriting existing...
Critical
Unreviewed
CVE-2024-27173
was published
Jun 14, 2024
The Toshiba printers provide several ways to upload files using the admin web interface. An...
Critical
Unreviewed
CVE-2024-27145
was published
Jun 14, 2024
The Toshiba printers provide several ways to upload files using the web interface without...
Critical
Unreviewed
CVE-2024-27144
was published
Jun 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-35677
was published
Jun 10, 2024
Vulnerability discovered by executing a planned security audit.
Improper Limitation of a...
Critical
Unreviewed
CVE-2024-34762
was published
Jun 10, 2024
The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its...
Critical
Unreviewed
CVE-2024-3234
was published
Jun 6, 2024
Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute...
Critical
Unreviewed
CVE-2024-34832
was published
Jun 6, 2024
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all...
Critical
Unreviewed
CVE-2024-5153
was published
Jun 6, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-34551
was published
Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-33560
was published
Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-36104
was published
Jun 4, 2024
MileSight DeviceHub -
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path...
Critical
Unreviewed
CVE-2024-27776
was published
Jun 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-31231
was published
May 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-27954
was published
May 17, 2024
ProTip!
Advisories are also available from the
GraphQL API