GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
266 advisories
Local file inclusion vulnerability in http4s
Critical | CVE-2020-5280 was published for org.http4s:http4s-server_2.12 (Maven) | Mar 25, 2020

Directory Traversal in nhouston
Moderate | CVE-2014-8883 was published for nhouston (npm) | Aug 31, 2020

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which...
Moderate | Unreviewed | CVE-2021-32954 was published | May 24, 2022

mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported...
High | Unreviewed | CVE-2021-43555 was published | May 24, 2022

The affected product is vulnerable to directory traversal, which may allow an attacker to access...
Critical | Unreviewed | CVE-2022-2139 was published | Jul 23, 2022

DNN vulnerable to Relative Path Traversal
Moderate | CVE-2022-2922 was published for DotNetNuke.Core (NuGet) | Oct 1, 2022

In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a...
High | Unreviewed | CVE-2022-38205 was published | Dec 29, 2022

A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows...
Critical | Unreviewed | CVE-2020-25172 was published | May 24, 2022

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow...
Moderate | Unreviewed | CVE-2019-19287 was published | May 24, 2022

Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered...
Critical | Unreviewed | CVE-2022-28814 was published | Sep 29, 2022

There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below....
High | Unreviewed | CVE-2022-38202 was published | Dec 28, 2022

TZInfo relative path traversal vulnerability allows loading of arbitrary files
High | CVE-2022-31163 was published for tzinfo (RubyGems) | Jul 21, 2022

A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide...
High | Unreviewed | CVE-2021-34605 was published | May 12, 2022

Directory traversal attack in Spring Cloud Config
Moderate | CVE-2020-5405 was published for org.springframework.cloud:spring-cloud-config-server (Maven) | Jun 5, 2020

Path Traversal in Eclipse Vert
Critical | CVE-2019-17640 was published for io.vertx:vertx-web (Maven) | Feb 10, 2022

A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and...
High | Unreviewed | CVE-2020-25150 was published | Apr 15, 2022

Relative Path Traversal in git-delta
High | CVE-2021-36376 was published for git-delta (Rust) | Aug 25, 2021

A vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this...
High | Unreviewed | CVE-2023-1045 was published | Feb 26, 2023

A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an...
Moderate | Unreviewed | CVE-2023-1043 was published | Feb 26, 2023

A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this...
High | Unreviewed | CVE-2023-1044 was published | Feb 26, 2023

Kubernetes vulnerable to path traversal
Moderate | CVE-2022-3162 was published for github.com/kubernetes/kubernetes (Go) | Mar 1, 2023

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote...
Moderate | Unreviewed | CVE-2023-20066 was published | Mar 23, 2023

Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables...
Moderate | Unreviewed | CVE-2022-2106 was published | Jun 28, 2022
ProTip! Advisories are also available from the GraphQL API.