Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,334 advisories

Loading
FitNesse Path Traversal Moderate
CVE-2024-42499 was published for org.fitnesse:fitnesse (Maven) Nov 15, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-52371 was published Nov 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-52378 was published Nov 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-52396 was published Nov 14, 2024
A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the... Moderate Unreviewed
CVE-2024-11210 was published Nov 14, 2024
Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability... Moderate Unreviewed
CVE-2024-11215 was published Nov 14, 2024
A Directory listing issue was found in PHPGurukul User Registration & Login and User Management... Moderate Unreviewed
CVE-2024-50843 was published Nov 14, 2024
Avigilon – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') High Unreviewed
CVE-2024-45253 was published Nov 14, 2024
Boa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path... High Unreviewed
CVE-2024-47916 was published Nov 14, 2024
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... Moderate Unreviewed
CVE-2024-2552 was published Nov 14, 2024
Path traversal for some Intel(R) Extension for Transformers software before version 1.5 may allow... Moderate Unreviewed
CVE-2024-21799 was published Nov 13, 2024
DotNetZip Directory Traversal vulnerability High
CVE-2024-48510 was published for DotNetZip (NuGet) Nov 13, 2024
Foorcee
Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI High
CVE-2024-52293 was published for craftcms/cms (Composer) Nov 13, 2024
nullchilly
Craft CMS Arbitrary System File Read High
CVE-2024-52292 was published for craftcms/cms (Composer) Nov 13, 2024
pk2codes
Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution High
CVE-2024-52291 was published for craftcms/cms (Composer) Nov 13, 2024
senzee1984
All versions of the package source-map-support are vulnerable to Directory Traversal in the... High Unreviewed
CVE-2024-21540 was published Nov 13, 2024
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions... High Unreviewed
CVE-2024-10816 was published Nov 13, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due... Critical Unreviewed
CVE-2024-11150 was published Nov 13, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-34787 was published Nov 13, 2024
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability ... Moderate Unreviewed
CVE-2024-32117 was published Nov 12, 2024
matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal Moderate
CVE-2024-50336 was published for matrix-js-sdk (npm) Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50329 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50322 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50324 was published Nov 12, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... Moderate Unreviewed
CVE-2024-50559 was published Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database