GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
606 advisories
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after...
Critical
Unreviewed
CVE-2023-47246
was published
Nov 10, 2023
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code...
Critical
Unreviewed
CVE-2023-35187
was published
Oct 19, 2023
Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In...
Critical
Unreviewed
CVE-2023-39332
was published
Oct 18, 2023
Insufficient path validation when extracting a zip archive in South River Technologies' Titan MFT...
Critical
Unreviewed
CVE-2023-45685
was published
Oct 16, 2023
A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an...
Critical
Unreviewed
CVE-2023-41373
was published
Oct 10, 2023
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Critical
Unreviewed
CVE-2023-5399
was published
Oct 4, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44170
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44171
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44169
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-44172
was published
Sep 27, 2023
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component...
Critical
Unreviewed
CVE-2023-43216
was published
Sep 27, 2023
In WS_FTP Server version 8.7.0 prior to 8.7.4 and version 8.8.0 prior to 8.8.2, a directory...
Critical
Unreviewed
CVE-2023-42657
was published
Sep 27, 2023
The Watchkit has a risk of unauthorized file access. Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2023-39407
was published
Sep 25, 2023
In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible...
Critical
Unreviewed
CVE-2023-4760
was published
Sep 21, 2023
IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the...
Critical
Unreviewed
CVE-2022-33164
was published
Sep 8, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical
Unreviewed
CVE-2023-4614
was published
Sep 4, 2023
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2023-4613
was published
Sep 4, 2023
IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion (LFI) vulnerability...
Critical
Unreviewed
CVE-2023-39699
was published
Aug 25, 2023
Directory Traversal vulnerability in Contacts File Upload Interface in Yealink W60B version 77.83...
Critical
Unreviewed
CVE-2020-24113
was published
Aug 23, 2023
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on...
Critical
Unreviewed
CVE-2023-26469
was published
Aug 17, 2023
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation...
Critical
Unreviewed
CVE-2023-2915
was published
Aug 17, 2023
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation...
Critical
Unreviewed
CVE-2023-2917
was published
Aug 17, 2023
Directory Traversal vulnerability in Server functionality in Even Balance Punkbuster version 1.902...
Critical
Unreviewed
CVE-2020-26037
was published
Aug 16, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39402
was published
Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39400
was published
Aug 13, 2023
ProTip! Advisories are also available from the GraphQL API.