Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,823 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-52371 was published Nov 14, 2024
Boa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path... High Unreviewed
CVE-2024-47916 was published Nov 14, 2024
Avigilon – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') High Unreviewed
CVE-2024-45253 was published Nov 14, 2024
The Fuck Arbitrary File Deletion via Path Traversal High
CVE-2021-34363 was published for thefuck (pip) Jun 15, 2021
Craft CMS Arbitrary System File Read High
CVE-2024-52292 was published for craftcms/cms (Composer) Nov 13, 2024
pk2codes
Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution High
CVE-2024-52291 was published for craftcms/cms (Composer) Nov 13, 2024
senzee1984
Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI High
CVE-2024-52293 was published for craftcms/cms (Composer) Nov 13, 2024
rewhile
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-34787 was published Nov 13, 2024
All versions of the package source-map-support are vulnerable to Directory Traversal in the... High Unreviewed
CVE-2024-21540 was published Nov 13, 2024
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions... High Unreviewed
CVE-2024-10816 was published Nov 13, 2024
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0.... High Unreviewed
CVE-2024-46954 was published Nov 11, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50322 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50324 was published Nov 12, 2024
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-50329 was published Nov 12, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2024-10626 was published Nov 9, 2024
In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path... High Unreviewed
CVE-2024-47742 was published Oct 21, 2024
changedetection.io path traversal using file URI scheme without supplying hostname High
CVE-2024-51998 was published for changedetection.io (pip) Nov 7, 2024
Erb3
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup... High Unreviewed
CVE-2023-21418 was published Nov 21, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del... High Unreviewed
CVE-2023-21415 was published Oct 16, 2023
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API... High Unreviewed
CVE-2023-21417 was published Nov 21, 2023
Moodle has CSRF risk in Feedback non-respondents report High
CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024
In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an... High Unreviewed
CVE-2024-47253 was published Nov 5, 2024
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File... High Unreviewed
CVE-2024-51582 was published Nov 4, 2024
A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and... High Unreviewed
CVE-2024-38449 was published Jun 17, 2024
OpenRefine has a path traversal in LoadLanguageCommand High
CVE-2024-49760 was published for org.openrefine:openrefine (Maven) Oct 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database