Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,664 advisories

willdurand/js-translation-bundle potential path traversal attack and remote code injection Critical
GHSA-x86x-qhf8-f37w was published for willdurand/js-translation-bundle (Composer) Jun 7, 2024
ZendFramework local file inclusion vector in `Zend_View::setScriptPath()` and `render()` High
GHSA-hx3m-959f-v849 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Symlink bypasses filesystem sandbox Low
GHSA-55f3-3qvg-8pv5 was published for wasmer (Rust) Jun 7, 2024
yagehu
A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the... High Unreviewed
CVE-2024-3322 was published Jun 6, 2024
The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its... Critical Unreviewed
CVE-2024-3234 was published Jun 6, 2024
A vulnerability in the `download_model_with_test_data` function of the onnx/onnx framework,... High Unreviewed
CVE-2024-5187 was published Jun 6, 2024
The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability... Moderate Unreviewed
CVE-2024-23793 was published Jun 6, 2024
Unauthenticated Access to sensitive settings in Argo CD Moderate
CVE-2024-37152 was published for github.com/argoproj/argo-cd/v2/server (Go) Jun 6, 2024
moshikoHassan
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution... High Unreviewed
CVE-2024-5505 was published Jun 6, 2024
Local file inclusion in gradio High
CVE-2024-4941 was published for gradio (pip) Jun 6, 2024
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would... High Unreviewed
CVE-2024-28995 was published Jun 6, 2024
Arbitrary file read via Playwright's screenshot feature exploiting file wrapper Moderate
GHSA-665w-mwrr-77q3 was published for @jmondi/url-to-png (npm) Jun 5, 2024
timoxoszt jasonraimondi
malicious container creates symlink "mtab" on the host External High
CVE-2024-5154 was published for github.com/cri-o/cri-o (Go) Jun 4, 2024
eriksjolund
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-33541 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-34384 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-33560 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-34552 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-33557 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-34554 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Deserialization... High Unreviewed
CVE-2024-33568 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-35634 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-33628 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-34551 was published Jun 4, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Unknown Unreviewed
CVE-2024-36104 was published Jun 4, 2024
MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path... Critical Unreviewed
CVE-2024-27776 was published Jun 2, 2024
ProTip! Advisories are also available from the GraphQL API