GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,333 advisories

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High, Unreviewed. CVE-2024-52371 was published Nov 14, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High, Unreviewed. CVE-2024-52378 was published Nov 14, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-52396 was published Nov 14, 2024

Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability...
Moderate, Unreviewed. CVE-2024-11215 was published Nov 14, 2024

A Directory listing issue was found in PHPGurukul User Registration & Login and User Management...
Moderate, Unreviewed. CVE-2024-50843 was published Nov 14, 2024

A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the...
Moderate, Unreviewed. CVE-2024-11210 was published Nov 14, 2024

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
Moderate, Unreviewed. CVE-2024-2552 was published Nov 14, 2024

Avigilon – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
High, Unreviewed. CVE-2024-45253 was published Nov 14, 2024

Boa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path...
High, Unreviewed. CVE-2024-47916 was published Nov 14, 2024

Path traversal for some Intel(R) Extension for Transformers software before version 1.5 may allow...
Moderate, Unreviewed. CVE-2024-21799 was published Nov 13, 2024

DotNetZip Directory Traversal vulnerability
High. CVE-2024-48510 was published for DotNetZip (NuGet) Nov 13, 2024

Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI
High. CVE-2024-52293 was published for craftcms/cms (Composer) Nov 13, 2024

Craft CMS Arbitrary System File Read
High. CVE-2024-52292 was published for craftcms/cms (Composer) Nov 13, 2024

Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution
High. CVE-2024-52291 was published for craftcms/cms (Composer) Nov 13, 2024

All versions of the package source-map-support are vulnerable to Directory Traversal in the...
High, Unreviewed. CVE-2024-21540 was published Nov 13, 2024

The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions...
High, Unreviewed. CVE-2024-10816 was published Nov 13, 2024

The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due...
Critical, Unreviewed. CVE-2024-11150 was published Nov 13, 2024

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High, Unreviewed. CVE-2024-34787 was published Nov 13, 2024

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability ...
Moderate, Unreviewed. CVE-2024-32117 was published Nov 12, 2024

matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal
Moderate. CVE-2024-50336 was published for matrix-js-sdk (npm) Nov 12, 2024

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High, Unreviewed. CVE-2024-50329 was published Nov 12, 2024

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High, Unreviewed. CVE-2024-50322 was published Nov 12, 2024

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
High, Unreviewed. CVE-2024-50324 was published Nov 12, 2024

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All...
Moderate, Unreviewed. CVE-2024-50559 was published Nov 12, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical, Unreviewed. CVE-2024-46888 was published Nov 12, 2024

ProTip! Advisories are also available from the GraphQL API