Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

6,412 advisories

Loading
A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0703 was published Jan 24, 2025
MLflow has a Local File Read/Path Traversal bypass High
CVE-2024-3848 was published for mlflow (pip) May 16, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-24611 was published Jan 24, 2025
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... Moderate Unreviewed
CVE-2024-2552 was published Nov 14, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-23422 was published Jan 24, 2025
The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget... High Unreviewed
CVE-2024-13409 was published Jan 24, 2025
The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions... Critical Unreviewed
CVE-2024-13545 was published Jan 24, 2025
PaddlePaddle Path Traversal vulnerability Critical
CVE-2024-0818 was published for paddlepaddle (pip) Mar 7, 2024
The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File... Critical Unreviewed
CVE-2024-26261 was published Feb 15, 2024
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files... Critical Unreviewed
CVE-2018-14847 was published May 14, 2022
Arbitrary file upload, deletion and read through header manipulation Moderate Unreviewed
CVE-2024-55926 was published Jan 23, 2025
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the... High Unreviewed
CVE-2023-42232 was published Jan 14, 2025
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the... High Unreviewed
CVE-2023-42225 was published Jan 14, 2025
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email... High Unreviewed
CVE-2023-42226 was published Jan 14, 2025
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the... High Unreviewed
CVE-2023-42227 was published Jan 14, 2025
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal.... Moderate Unreviewed
CVE-2023-42229 was published Jan 14, 2025
BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application... Moderate Unreviewed
CVE-2024-42187 was published Jan 23, 2025
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote... High Unreviewed
CVE-2016-3976 was published Apr 30, 2022
Onnx Directory Traversal vulnerability High
CVE-2024-27318 was published for onnx (pip) Feb 23, 2024
iarspider
@actions/artifact has an Arbitrary File Write via artifact extraction High
CVE-2024-42471 was published for @actions/artifact (npm) Sep 3, 2024
JLHwung
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory... High Unreviewed
CVE-2024-1974 was published Apr 9, 2024
Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File... High Unreviewed
CVE-2024-50453 was published Oct 28, 2024
PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal.... High Unreviewed
CVE-2022-32427 was published Aug 26, 2022
@actions/download-artifact has an Arbitrary File Write via artifact extraction High
GHSA-cxww-7g56-2vh6 was published for actions/download-artifact (GitHub Actions) Sep 3, 2024
holmanb
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-23562 was published Jan 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database