GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 1,996
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,349
Pub: 11
RubyGems: 885
Rust: 846
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
6,245 advisories
Langchain Path Traversal vulnerability
CVE-2024-7774 (Moderate) was published for langchain (npm) on Oct 29, 2024

A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The...
CVE-2024-5982 (Critical, Unreviewed) was published on Oct 29, 2024

An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to...
CVE-2024-7962 (High, Unreviewed) was published on Oct 29, 2024

A path deletion vulnerability was addressed by preventing vulnerable code from running with...
CVE-2024-44159 (High, Unreviewed) was published on Oct 28, 2024

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS...
CVE-2024-44255 (High, Unreviewed) was published on Oct 28, 2024

Path transversal in some Intel(R) VROC software before version 8.0.8.1001 may allow an...
CVE-2023-35003 (High, Unreviewed) was published on Oct 28, 2024

MPXJ has a Potential Path Traversal Vulnerability
CVE-2024-49771 (Moderate) was published for MPXJ.Net (RubyGems) on Oct 28, 2024

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows...
CVE-2024-37847 (Critical, Unreviewed) was published on Oct 25, 2024

SQL injection in funadmin
CVE-2024-48224 (High) was published for funadmin/funadmin (Composer) on Oct 25, 2024

Werkzeug safe_join not safe on Windows
CVE-2024-49766 (Moderate) was published for Werkzeug (pip) on Oct 25, 2024

A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this...
CVE-2024-10379 (Moderate, Unreviewed) was published on Oct 25, 2024

In sm_mem_compat_get_vmm_obj of lib/sm/shared_mem.c, there is a possible arbitrary physical...
CVE-2024-47027 (High, Unreviewed) was published on Oct 25, 2024

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path...
CVE-2024-45842 (Moderate, Unreviewed) was published on Oct 25, 2024

The BuddyPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to,...
CVE-2024-10011 (High, Unreviewed) was published on Oct 25, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
CVE-2024-45262 (High, Unreviewed) was published on Oct 24, 2024

OpenRefine has a path traversal in LoadLanguageCommand
CVE-2024-49760 (High) was published for org.openrefine:openrefine (Maven) on Oct 24, 2024

iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal vulnerability. When the...
CVE-2024-10313 (High, Unreviewed) was published on Oct 24, 2024

Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
CVE-2024-47883 (Critical) was published for org.openrefine.dependencies:butterfly (Maven) on Oct 24, 2024

RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php.
CVE-2024-48213 (Moderate, Unreviewed) was published on Oct 24, 2024

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
CVE-2024-20379 (Moderate, Unreviewed) was published on Oct 23, 2024

Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow...
CVE-2024-41717 (Critical, Unreviewed) was published on Oct 23, 2024

A post-authentication arbitrary file read vulnerability within the server plugins section in...
CVE-2024-35308 (High, Unreviewed) was published on Oct 22, 2024

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8...
CVE-2024-41713 (High, Unreviewed) was published on Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path...
CVE-2024-47742 (High, Unreviewed) was published on Oct 21, 2024

Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing...
CVE-2024-10200 (High, Unreviewed) was published on Oct 21, 2024

ProTip! Advisories are also available from the GraphQL API