Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,884
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,207
NuGet
743
pip
3,979
Pub
12
RubyGems
947
Rust
1,034
Swift
45
Unreviewed advisories
All unreviewed
5,000+

155 advisories

Loading
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3... Low Unreviewed
CVE-2010-0926 was published May 2, 2022
SurrealDB has local file read of 2-column TSV files via analyzers Low
GHSA-2cvj-g5r5-jrrg was published for surrealdb (Rust) Apr 10, 2025
cure53
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2025-32205 was published Apr 10, 2025
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".... Low Unreviewed
CVE-2006-0950 was published May 1, 2022
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in... Low Unreviewed
CVE-2025-27726 was published Mar 28, 2025
A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to... Low Unreviewed
CVE-2025-30343 was published Mar 21, 2025
A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick... Low Unreviewed
CVE-2024-41511 was published Oct 4, 2024
Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I... Low Unreviewed
CVE-2023-40160 was published Mar 18, 2024
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on... Low Unreviewed
CVE-2025-0526 was published Feb 11, 2025
A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal,... Low Unreviewed
CVE-2024-34521 was published Feb 13, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2024-47266 was published Feb 13, 2025
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in... Low Unreviewed
CVE-2024-28977 was published Apr 24, 2024
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability ... Low Unreviewed
CVE-2024-35274 was published Nov 12, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2024-12425 was published Jan 7, 2025
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the... Low Unreviewed
CVE-2023-50955 was published Feb 21, 2024
A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic.... Low Unreviewed
CVE-2024-1703 was published Feb 21, 2024
The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers... Low Unreviewed
CVE-2024-46939 was published Nov 28, 2024
Agnai vulnerable to Relative Path Traversal in Image Upload Low
CVE-2024-47171 was published for agnai (npm) Sep 26, 2024
ropwareJB noe233
Agnai File Disclosure Vulnerability: JSON via Path Traversal Low
CVE-2024-47170 was published for agnai (npm) Sep 26, 2024
ropwareJB noe233
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request Low
CVE-2020-15239 was published for xmpp-http-upload (pip) Oct 6, 2020
ChristianTacke
Path traversal vulnerability in stripe-cli Low
CVE-2024-45401 was published for github.com/stripe/stripe-cli (Go) Sep 5, 2024
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package Low
CVE-2022-23531 was published for guarddog (pip) Dec 2, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package Low
CVE-2022-23530 was published for guarddog (pip) Dec 5, 2022
Sim4n6
Kubernetes Secrets Store CSI Driver plugins arbitrary file write Low
CVE-2020-8567 was published for github.com/Azure/secrets-store-csi-driver-provider-azure (Go) May 24, 2022
Ansible Path Traversal vulnerability Low
CVE-2019-3828 was published for ansible (pip) Apr 15, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database