Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,014 advisories

Loading
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that... Critical Unreviewed
CVE-2024-8752 was published Sep 16, 2024
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package Moderate
CVE-2022-23531 was published for guarddog (pip) Dec 2, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package Moderate
CVE-2022-23530 was published for guarddog (pip) Dec 5, 2022
Sim4n6
Files on the host computer can be accessed from the Gradio interface High
CVE-2021-43831 was published for gradio (pip) Jan 21, 2022
haby0
Ganga allows absolute path traversal Critical
CVE-2022-31507 was published for ganga (pip) Jul 13, 2022
GitPython blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
Flask-Cors Directory Traversal vulnerability High
CVE-2020-25032 was published for Flask-Cors (pip) May 6, 2021
Directory Traversal in Django Moderate
CVE-2021-28658 was published for Django (pip) Apr 8, 2021
Django Directory Traversal via archive.extract Moderate
CVE-2021-3281 was published for django (pip) Mar 18, 2021
Path Traversal in Django Moderate
CVE-2021-33203 was published for Django (pip) Jun 10, 2021
A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum... Moderate Unreviewed
CVE-2024-9032 was published Sep 20, 2024
OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality,... Moderate Unreviewed
CVE-2024-8778 was published Sep 16, 2024
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10... Critical Unreviewed
CVE-2024-33109 was published Sep 19, 2024
Path Traversal in Django High
CVE-2021-31542 was published for Django (pip) Jun 4, 2021
tdunlap607
Directory-traversal in Django Moderate
CVE-2021-45452 was published for Django (pip) Jan 12, 2022
tdunlap607
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to... Critical Unreviewed
CVE-2024-8963 was published Sep 19, 2024
Hoverfly allows an arbitrary file read in the `/api/v2/simulation` endpoint (`GHSL-2023-274`) High
CVE-2024-45388 was published for github.com/spectolabs/hoverfly (Go) Sep 3, 2024
pwntester
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46376 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46375 was published Sep 18, 2024
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized... Low Unreviewed
CVE-2023-34117 was published Jul 11, 2023
A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited,... High Unreviewed
CVE-2024-7961 was published Sep 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-7609 was published Sep 11, 2024
Camaleon CMS vulnerable to arbitrary path traversal (GHSL-2024-183) High
CVE-2024-46987 was published for camaleon_cms (RubyGems) Sep 18, 2024
texpert
Camaleon CMS affected by arbitrary file write to RCE (GHSL-2024-182) High
CVE-2024-46986 was published for camaleon_cms (RubyGems) Sep 18, 2024
texpert
Mesop has a local file Inclusion via static file serving functionality High
CVE-2024-45601 was published for mesop (pip) Sep 18, 2024
Letm3through
ProTip! Advisories are also available from the GraphQL API