Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

122 advisories

Loading
Yapscan's report receiver server vulnerable to path traversal and log injection High
GHSA-9h6h-9g78-86f7 was published for github.com/fkie-cad/yapscan (Go) Dec 29, 2022
tdunlap607
Cortex's Alertmanager can expose local files content via specially crafted config Moderate
CVE-2022-23536 was published for github.com/cortexproject/cortex (Go) Dec 19, 2022
aus
Dompdf before v2.0.0 vulnerable to chroot check bypass Moderate
CVE-2022-2400 was published for dompdf/dompdf (Composer) Jul 19, 2022
ingress-nginx component for Kubernetes allows file overwrite Moderate
CVE-2020-8553 was published for k8s.io/ingress-nginx (Go) May 24, 2022
ws-scrcpy is vulnerable to External Control of File Name or Path High Unreviewed
CVE-2021-3845 was published Jan 5, 2022
Upload whitelisted files to any directory in OctoberCMS Low
CVE-2020-5297 was published for october/cms (Composer) Jun 3, 2020
staz0t
Arbitrary File Deletion vulnerability in OctoberCMS Moderate
CVE-2020-5296 was published for october/cms (Composer) Jun 3, 2020
staz0t
Arbitrary File Read in html-pdf High
CVE-2019-15138 was published for html-pdf (npm) Oct 11, 2019
ProTip! Advisories are also available from the GraphQL API