GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
155 advisories
Filter by severity
Mesop has a local file Inclusion via static file serving functionality
High
CVE-2024-45601
was published
for
mesop
(pip)
Sep 18, 2024
Composio Path Traversal vulnerability
Moderate
CVE-2024-8865
was published
for
composio-core
(pip)
Sep 16, 2024
Mage AI Path Traversal vulnerability
Moderate
CVE-2024-45189
was published
for
mage-ai
(pip)
Aug 23, 2024
Mage AI Path Traversal vulnerability
Moderate
CVE-2024-45188
was published
for
mage-ai
(pip)
Aug 23, 2024
Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files
High
CVE-2024-43399
was published
for
mobsf
(pip)
Aug 19, 2024
Path traveral in Streamlit on windows
Moderate
CVE-2024-42474
was published
for
streamlit
(pip)
Aug 12, 2024
Weave server API vulnerable to arbitrary file leak
High
CVE-2024-7340
was published
for
weave
(pip)
Jul 31, 2024
TorchServe vulnerable to bypass of allowed_urls configuration
Critical
CVE-2024-35198
was published
for
torchserve
(pip)
Jul 18, 2024
lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE
High
CVE-2024-5824
was published
for
lollms
(pip)
Jun 27, 2024
lollms vulnerable to path traversal due to unauthenticated root folder settings change
High
CVE-2024-6085
was published
for
lollms
(pip)
Jun 27, 2024
Directory creation by malicious user in saltstack
Moderate
CVE-2024-22231
was published
for
salt
(pip)
Jun 27, 2024
CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
Moderate
CVE-2023-49793
was published
for
codechecker
(pip)
Jun 24, 2024
parisneo/lollms Local File Inclusion (LFI) attack
Critical
CVE-2024-4315
was published
for
lollms
(pip)
Jun 12, 2024
Litestar and Starlite vulnerable to Path Traversal
High
CVE-2024-32982
was published
for
litestar
(pip)
May 6, 2024
langchain vulnerable to path traversal
Moderate
CVE-2024-3571
was published
for
langchain
(pip)
Apr 16, 2024
ProTip!
Advisories are also available from the
GraphQL API