GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
63 advisories
Filter by severity
Gradio vulnerable to arbitrary file read with File and UploadButton components
Moderate
CVE-2024-51751
was published
for
gradio
(pip)
Nov 6, 2024
changedetection.io Path Traversal
Moderate
CVE-2024-51483
was published
for
changedetection.io
(pip)
Nov 1, 2024
MPXJ has a Potential Path Traversal Vulnerability
Moderate
CVE-2024-49771
was published
for
MPXJ.Net
(RubyGems)
Oct 28, 2024
Werkzeug safe_join not safe on Windows
Moderate
CVE-2024-49766
was published
for
Werkzeug
(pip)
Oct 25, 2024
Gradio has several components with post-process steps allow arbitrary file leaks
Moderate
CVE-2024-47868
was published
for
gradio
(pip)
Oct 10, 2024
Gradio has a one-level read path traversal in `/custom_component`
Moderate
CVE-2024-47166
was published
for
gradio
(pip)
Oct 10, 2024
Gradio's `is_in_or_equal` function may be bypassed
Moderate
CVE-2024-47164
was published
for
gradio
(pip)
Oct 10, 2024
open-webui allows writing and deleting arbitrary files
Moderate
CVE-2024-7037
was published
for
open-webui
(pip)
Oct 9, 2024
Composio Path Traversal vulnerability
Moderate
CVE-2024-8865
was published
for
composio-core
(pip)
Sep 16, 2024
Mage AI Path Traversal vulnerability
Moderate
CVE-2024-45188
was published
for
mage-ai
(pip)
Aug 23, 2024
Mage AI Path Traversal vulnerability
Moderate
CVE-2024-45189
was published
for
mage-ai
(pip)
Aug 23, 2024
Path traveral in Streamlit on windows
Moderate
CVE-2024-42474
was published
for
streamlit
(pip)
Aug 12, 2024
Directory creation by malicious user in saltstack
Moderate
CVE-2024-22231
was published
for
salt
(pip)
Jun 27, 2024
CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
Moderate
CVE-2023-49793
was published
for
codechecker
(pip)
Jun 24, 2024
langchain vulnerable to path traversal
Moderate
CVE-2024-3571
was published
for
langchain
(pip)
Apr 16, 2024
Whoogle Search Path Traversal vulnerability
Moderate
CVE-2024-22204
was published
for
whoogle-search
(pip)
Mar 14, 2024
Ansible symlink attack vulnerability
Moderate
CVE-2023-5115
was published
for
ansible
(pip)
Dec 28, 2023
Ansible galaxy-importer Path Traversal vulnerability
Moderate
CVE-2023-5189
was published
for
galaxy-importer
(pip)
Nov 15, 2023
Wagtail CRX CodeRed Extensions vulnerable to Path Traversal
Moderate
CVE-2021-46897
was published
for
coderedcms
(pip)
Oct 22, 2023
GitPython blind local file inclusion
Moderate
CVE-2023-41040
was published
for
GitPython
(pip)
Aug 30, 2023
Pyramid static view path traversal up one directory
Moderate
CVE-2023-40587
was published
for
pyramid
(pip)
Aug 25, 2023
Starlette has Path Traversal vulnerability in StaticFiles
Moderate
CVE-2023-29159
was published
for
starlette
(pip)
May 17, 2023
pretalx allows path traversal in HTML export
Moderate
CVE-2023-28458
was published
for
pretalx
(pip)
Apr 20, 2023
Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
Moderate
CVE-2022-23522
was published
for
mindsdb
(pip)
Mar 30, 2023
ProTip!
Advisories are also available from the
GraphQL API