GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
67 advisories
Filter by severity
Upload of file to arbitrary path in Apache Flink
High
CVE-2020-17518
was published
for
org.apache.flink:flink-runtime
(Maven)
Feb 9, 2022
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5...
High
Unreviewed
CVE-2023-42783
was published
Nov 14, 2023
Parse Server may crash when uploading file without extension
High
CVE-2023-46119
was published
for
parse-server
(npm)
Oct 24, 2023
Cecil Path Traversal vulnerability
High
CVE-2023-4914
was published
for
cecil/cecil
(Composer)
Sep 12, 2023
Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
High
Unreviewed
CVE-2023-4897
was published
Sep 11, 2023
The affected products are vulnerable to directory traversal, which may allow an attacker to...
High
Unreviewed
CVE-2022-1661
was published
Jun 3, 2022
The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a...
High
Unreviewed
CVE-2022-1373
was published
Aug 18, 2022
A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this...
High
Unreviewed
CVE-2023-1044
was published
Feb 26, 2023
A vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this...
High
Unreviewed
CVE-2023-1045
was published
Feb 26, 2023
Relative Path Traversal in git-delta
High
CVE-2021-36376
was published
for
git-delta
(Rust)
Aug 25, 2021
A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and...
High
Unreviewed
CVE-2020-25150
was published
Apr 15, 2022
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide...
High
Unreviewed
CVE-2021-34605
was published
May 12, 2022
TZInfo relative path traversal vulnerability allows loading of arbitrary files
High
CVE-2022-31163
was published
for
tzinfo
(RubyGems)
Jul 21, 2022
There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below....
High
Unreviewed
CVE-2022-38202
was published
Dec 28, 2022
Directory traversal attack in Spring Cloud Config
High
CVE-2020-5410
was published
for
org.springframework.cloud:spring-cloud-config-server
(Maven)
Jun 5, 2020
In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a...
High
Unreviewed
CVE-2022-38205
was published
Dec 29, 2022
mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported...
High
Unreviewed
CVE-2021-43555
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API