Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

542 advisories

Loading
Kubernetes kubelet arbitrary command execution High
CVE-2024-10220 was published for k8s.io/kubernetes (Go) Nov 22, 2024
DotNetZip Directory Traversal vulnerability High
CVE-2024-48510 was published for DotNetZip (NuGet) Nov 13, 2024
Foorcee
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182 High
CVE-2023-50731 was published for mindsdb (pip) Dec 15, 2023
sylwia-budzynska
Unpatched Remote Code Execution in Gogs High
CVE-2024-44625 was published for gogs.io/gogs (Go) Nov 15, 2024
Remote Code Execution via traversal in TAL expressions High
CVE-2021-32674 was published for Zope (pip) Jun 8, 2021
Remote Code Execution via traversal in TAL expressions High
CVE-2021-32633 was published for Zope (pip) Jun 18, 2021
Duplicate Advisory: Path Traversal in Zope High
GHSA-5vq5-pg3r-9ph3 was published for Zope (pip) Jun 10, 2021 withdrawn
Duplicate Advisory: Path Traversal in Zope High
GHSA-962m-m8jw-8wrr was published for Zope (pip) Jun 15, 2021 withdrawn
uWSGI Directory Traversal vulnerability High
CVE-2018-7490 was published for uWSGI (pip) May 14, 2022
Tryton Directory Traversal vulnerability High
CVE-2013-4510 was published for trytond (pip) May 17, 2022
Jenkins Remoting library arbitrary file read vulnerability High
CVE-2024-43044 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
aiohttp is vulnerable to directory traversal High
CVE-2024-23334 was published for aiohttp (pip) Jan 29, 2024
lcttty solarpeng502
Apache Airflow Path Traversal vulnerability High
CVE-2023-22887 was published for apache-airflow (pip) Jul 12, 2023
sunSUNQ
The Fuck Arbitrary File Deletion via Path Traversal High
CVE-2021-34363 was published for thefuck (pip) Jun 15, 2021
Craft CMS Arbitrary System File Read High
CVE-2024-52292 was published for craftcms/cms (Composer) Nov 13, 2024
pk2codes
Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI High
CVE-2024-52293 was published for craftcms/cms (Composer) Nov 13, 2024
nullchilly
changedetection.io path traversal using file URI scheme without supplying hostname High
CVE-2024-51998 was published for changedetection.io (pip) Nov 7, 2024
Erb3
Moodle has CSRF risk in Feedback non-respondents report High
CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024
OpenRefine has a path traversal in LoadLanguageCommand High
CVE-2024-49760 was published for org.openrefine:openrefine (Maven) Oct 24, 2024
Path traversal vulnerability in functional web frameworks High
CVE-2024-38816 was published for org.springframework:spring-webflux (Maven) Sep 13, 2024
Malayke AlexeyTsvetkov
Duplicate Advisory: Reposilite Arbitrary File Read vulnerability High
CVE-2024-36117 was published for com.reposilite:reposilite-backend (Maven) Aug 5, 2024 withdrawn
Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`) High
GHSA-82j3-hf72-7x93 was published for com.reposilite:reposilite-backend (Maven) Nov 4, 2024
artsploit
Hashicorp Consul Path Traversal vulnerability High
CVE-2024-10005 was published for github.com/hashicorp/consul (Go) Oct 31, 2024
Adguard Home arbitrary file read vulnerability High
CVE-2024-36814 was published for github.com/AdguardTeam/AdGuardHome (Go) Oct 8, 2024
itz-d0dgy
ProTip! Advisories are also available from the GraphQL API