Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

111 advisories

Loading
A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence... Moderate Unreviewed
CVE-2024-20310 was published Apr 3, 2024
Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An... Moderate Unreviewed
CVE-2024-25944 was published Mar 29, 2024
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied... High Unreviewed
CVE-2024-2053 was published Mar 21, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal High Unreviewed
CVE-2024-27770 was published Mar 18, 2024
An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in... Moderate Unreviewed
CVE-2024-22398 was published Mar 14, 2024
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed
CVE-2024-27199 was published Mar 4, 2024
A user who is privileged already `manager` or `admin` can set their profile picture via the... Critical Unreviewed
CVE-2024-0550 was published Feb 28, 2024
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0... High Unreviewed
CVE-2023-42791 was published Feb 20, 2024
Helm dependency management path traversal Moderate
CVE-2024-25620 was published for helm.sh/helm/v3 (Go) Feb 15, 2024
dominykas
registry-support: decompress can delete files outside scope via relative paths High
CVE-2024-1485 was published for github.com/devfile/registry-support/registry-library (Go) Feb 14, 2024
cebarks
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its... Low Unreviewed
CVE-2024-22226 was published Feb 12, 2024
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL... Moderate Unreviewed
CVE-2024-24938 was published Feb 6, 2024
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives Low Unreviewed
CVE-2024-24940 was published Feb 6, 2024
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives Moderate Unreviewed
CVE-2024-24942 was published Feb 6, 2024
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows... Moderate Unreviewed
CVE-2021-22281 was published Feb 2, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path... Moderate Unreviewed
CVE-2024-22096 was published Feb 2, 2024
Unsecured endpoints in the jupyter-lsp server extension High
CVE-2024-22415 was published for jupyter-lsp (pip) Jan 18, 2024
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is... High Unreviewed
CVE-2023-31036 was published Jan 12, 2024
A path traversal vulnerability has been detected in Repox, which allows an attacker to read... High Unreviewed
CVE-2023-6722 was published Dec 13, 2023
A vulnerability classified as critical was found in jeecgboot JimuReport up to 1.6.1. Affected by... Moderate Unreviewed
CVE-2023-6307 was published Nov 27, 2023
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5... High Unreviewed
CVE-2023-42783 was published Nov 14, 2023
A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion... Moderate Unreviewed
CVE-2023-47613 was published Nov 9, 2023
Parse Server may crash when uploading file without extension High
CVE-2023-46119 was published for parse-server (npm) Oct 24, 2023
chriscborg mtrezza
Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version... High Unreviewed
CVE-2023-3512 was published Oct 4, 2023
Aqua Drive, in its 2.4 version, is vulnerable to a relative path traversal vulnerability. By... High Unreviewed
CVE-2023-3701 was published Oct 4, 2023
ProTip! Advisories are also available from the GraphQL API