GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
110 advisories
Filter by severity
Owncast Path Traversal vulnerability
Low
CVE-2024-31450
was published
for
github.com/owncast/owncast
(Go)
Aug 5, 2024
A path traversal vulnerability was reported in the Motorola Ready For application that could...
Low
Unreviewed
CVE-2023-41825
was published
May 3, 2024
JADX file override vulnerability
Low
GHSA-hvp5-5x4f-33fq
was published
for
io.github.skylot:jadx-core
(Maven)
Apr 22, 2024
phpMyFAQ Path Traversal in Attachments
Low
CVE-2024-29196
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its...
Low
Unreviewed
CVE-2024-22226
was published
Feb 12, 2024
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5...
Low
Unreviewed
CVE-2024-1433
was published
Feb 12, 2024
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Low
Unreviewed
CVE-2024-24940
was published
Feb 6, 2024
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary...
Low
Unreviewed
CVE-2023-50785
was published
Jan 25, 2024
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does...
Low
Unreviewed
CVE-2023-2252
was published
Jan 16, 2024
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue...
Low
Unreviewed
CVE-2024-0341
was published
Jan 9, 2024
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal
Low
GHSA-qwf7-rv77-fcr3
was published
for
iodine
(RubyGems)
Jan 4, 2024
•
withdrawn
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in...
Low
Unreviewed
CVE-2024-20805
was published
Jan 4, 2024
Winter CMS Local File Inclusion through Server Side Template Injection
Low
CVE-2023-52085
was published
for
winter/wn-backend-module
(Composer)
Jan 2, 2024
Using the directory back payload (“/../”) in a package name allows placement of package in other folders.
Low
CVE-2023-49089
was published
for
Umbraco.CMS
(NuGet)
Dec 13, 2023
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient...
Low
Unreviewed
CVE-2023-49058
was published
Dec 12, 2023
A vulnerability was found in ระบบบัญชีออนไลน์ Online Accounting System up to 1.4.0 and classified...
Low
Unreviewed
CVE-2018-25094
was published
Dec 3, 2023
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to...
Low
Unreviewed
CVE-2023-6160
was published
Nov 22, 2023
It was discovered that Kibana was not validating a user supplied path, which would load .pbf...
Low
Unreviewed
CVE-2021-22151
was published
Nov 22, 2023
sbt vulnerable to arbitrary file write via archive extraction (Zip Slip)
Low
CVE-2023-46122
was published
for
org.scala-sbt:io_2.12
(Maven)
Oct 24, 2023
Pleroma Path Traversal vulnerability
Low
CVE-2023-5588
was published
for
pleroma
(Erlang)
Oct 16, 2023
A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been rated as problematic....
Low
Unreviewed
CVE-2023-5327
was published
Oct 2, 2023
A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as...
Low
Unreviewed
CVE-2023-5257
was published
Sep 29, 2023
A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR...
Low
Unreviewed
CVE-2023-5142
was published
Sep 25, 2023
sudo-rs Session File Relative Path Traversal vulnerability
Low
CVE-2023-42456
was published
for
sudo-rs
(Rust)
Sep 21, 2023
ProTip!
Advisories are also available from the
GraphQL API