GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113 advisories
Filter by severity
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated,...
High
Unreviewed
CVE-2024-20449
was published
Oct 2, 2024
An incorrect limitation of a path to a restricted directory (path traversal) has been detected in...
Moderate
Unreviewed
CVE-2024-9405
was published
Oct 1, 2024
@backstage/plugin-techdocs-backend storage bucket Directory Traversal vulnerability
Moderate
CVE-2024-45816
was published
for
@backstage/plugin-techdocs-backend
(npm)
Sep 17, 2024
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43454
was published
Sep 10, 2024
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-38258
was published
Sep 10, 2024
Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files
High
CVE-2024-43399
was published
for
mobsf
(pip)
Aug 19, 2024
Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal...
High
Unreviewed
CVE-2024-7693
was published
Aug 12, 2024
Relative Path Traversal in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-6433
was published
Jul 10, 2024
CHANGING Mobile One Time Password does not properly filter parameters for the file download...
Moderate
Unreviewed
CVE-2024-3122
was published
Jul 1, 2024
Relative Path Traversal in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5547
was published
Jun 27, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC...
Moderate
Unreviewed
CVE-2024-37138
was published
Jun 26, 2024
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to...
High
Unreviewed
CVE-2024-3497
was published
Jun 14, 2024
If exploited an attacker could traverse the file system to access
files or directories that...
Unknown
Unreviewed
CVE-2024-2461
was published
Jun 11, 2024
path traversal vulnerability was identified in the parisneo/lollms-webui
Moderate
CVE-2024-4330
was published
for
lollms
(pip)
Jun 2, 2024
gix traversal outside working tree enables arbitrary code execution
High
CVE-2024-35186
was published
for
gitoxide
(Rust)
May 22, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker
to write...
Critical
Unreviewed
CVE-2023-3941
was published
May 21, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker
to access...
High
Unreviewed
CVE-2023-3940
was published
May 21, 2024
A specially crafted Zip file containing path traversal characters can be
imported to the ...
High
Unreviewed
CVE-2024-33615
was published
May 15, 2024
Oceanic allows unsanitized user input to lead to path traversal in URLs
Moderate
CVE-2024-34712
was published
for
oceanic.js
(npm)
May 14, 2024
Windows Hyper-V Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30010
was published
May 14, 2024
mintplex-labs/anything-llm is vulnerable to a relative path traversal attack, allowing...
High
Unreviewed
CVE-2024-0549
was published
Apr 16, 2024
NiceGUI allows potential access to local file system
High
CVE-2024-32005
was published
for
nicegui
(pip)
Apr 12, 2024
Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builder
High
CVE-2021-27916
was published
for
mautic/core
(Composer)
Apr 12, 2024
mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation...
Critical
Unreviewed
CVE-2024-3025
was published
Apr 10, 2024
ProTip!
Advisories are also available from the
GraphQL API