GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
124 advisories
An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an...
Moderate | Unreviewed | CVE-2023-2913 was published Jul 18, 2023

SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated...
High | Unreviewed | CVE-2023-37288 was published Jul 10, 2023

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics...
Moderate | Unreviewed | CVE-2022-42892 was published Jul 6, 2023

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3,...
Low | Unreviewed | CVE-2022-42474 was published Jun 13, 2023

A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a...
High | Unreviewed | CVE-2023-27993 was published May 4, 2023

A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 -...
High | Unreviewed | CVE-2022-42470 was published Apr 11, 2023

SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730...
Moderate | Unreviewed | CVE-2023-29189 was published Apr 11, 2023

The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path...
Critical | Unreviewed | CVE-2020-7376 was published May 24, 2022

The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is...
High | Unreviewed | CVE-2020-7377 was published May 24, 2022

A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It...
High | Unreviewed | CVE-2019-13408 was published May 24, 2022

A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to...
Moderate | Unreviewed | CVE-2024-20352 was published Apr 3, 2024

A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence...
Moderate | Unreviewed | CVE-2024-20310 was published Apr 3, 2024

Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An...
Moderate | Unreviewed | CVE-2024-25944 was published Mar 29, 2024

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal
High | Unreviewed | CVE-2024-27770 was published Mar 18, 2024

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ...
High | Unreviewed | CVE-2024-27199 was published Mar 4, 2024

A user who is privileged already `manager` or `admin` can set their profile picture via the...
Critical | Unreviewed | CVE-2024-0550 was published Feb 28, 2024

Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its...
Low | Unreviewed | CVE-2024-22226 was published Feb 12, 2024

A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0...
High | Unreviewed | CVE-2023-42791 was published Feb 20, 2024

Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows...
Moderate | Unreviewed | CVE-2021-22281 was published Feb 2, 2024

In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
Moderate | Unreviewed | CVE-2024-24942 was published Feb 6, 2024

In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Low | Unreviewed | CVE-2024-24940 was published Feb 6, 2024

Helm dependency management path traversal
Moderate | CVE-2024-25620 was published for helm.sh/helm/v3 (Go) Feb 15, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path...
Moderate | Unreviewed | CVE-2024-22096 was published Feb 2, 2024

Relative Path Traversal (CWE-23) in chunked uploads in oneup/uploader-bundle
High | CVE-2020-5237 was published for oneup/uploader-bundle (Composer) Feb 18, 2020

A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow...
Moderate | Unreviewed | CVE-2023-20040 was published Jan 20, 2023