GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,045 advisories
Statamic CMS has a Path Traversal in Asset Upload
Moderate
CVE-2024-52600
was published
for
statamic/cms
(Composer)
Nov 19, 2024
GitPython blind local file inclusion
Moderate
CVE-2023-41040
was published
for
GitPython
(pip)
Aug 30, 2023
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request
Low
CVE-2020-15239
was published
for
xmpp-http-upload
(pip)
Oct 6, 2020
DotNetZip Directory Traversal vulnerability
High
CVE-2024-48510
was published
for
DotNetZip
(NuGet)
Nov 13, 2024
webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle
Moderate
CVE-2024-43373
was published
for
webcrack
(npm)
Aug 14, 2024
aiohttp is vulnerable to directory traversal
High
CVE-2024-23334
was published
for
aiohttp
(pip)
Jan 29, 2024
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182
High
CVE-2023-50731
was published
for
mindsdb
(pip)
Dec 15, 2023
Apache Airflow Path Traversal vulnerability
High
CVE-2023-22887
was published
for
apache-airflow
(pip)
Jul 12, 2023
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Low
CVE-2022-23530
was published
for
guarddog
(pip)
Dec 5, 2022
ProTip!
Advisories are also available from the
GraphQL API