GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
143 advisories
Filter by severity
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path...
Critical
Unreviewed
CVE-2020-7376
was published
May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
High
Unreviewed
CVE-2019-18338
was published
May 24, 2022
A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It...
High
Unreviewed
CVE-2019-13408
was published
May 24, 2022
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide...
High
Unreviewed
CVE-2021-34605
was published
May 12, 2022
A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and...
High
Unreviewed
CVE-2020-25150
was published
Apr 15, 2022
** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting...
Moderate
Unreviewed
CVE-2022-22279
was published
Apr 14, 2022
Path Traversal in Eclipse Vert
Critical
CVE-2019-17640
was published
for
io.vertx:vertx-web
(Maven)
Feb 10, 2022
Upload of file to arbitrary path in Apache Flink
High
CVE-2020-17518
was published
for
org.apache.flink:flink-runtime
(Maven)
Feb 9, 2022
Maliciously Crafted Model Archive Can Lead To Arbitrary File Write
High
CVE-2021-41127
was published
for
rasa
(pip)
Oct 22, 2021
Relative Path Traversal in git-delta
High
CVE-2021-36376
was published
for
git-delta
(Rust)
Aug 25, 2021
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
High
CVE-2021-32803
was published
for
tar
(npm)
Aug 3, 2021
Directory Traversal in nhouston
Moderate
CVE-2014-8883
was published
for
nhouston
(npm)
Aug 31, 2020
Directory traversal attack in Spring Cloud Config
High
CVE-2020-5410
was published
for
org.springframework.cloud:spring-cloud-config-server
(Maven)
Jun 5, 2020
Directory traversal attack in Spring Cloud Config
Moderate
CVE-2020-5405
was published
for
org.springframework.cloud:spring-cloud-config-server
(Maven)
Jun 5, 2020
Local file inclusion vulnerability in http4s
Critical
CVE-2020-5280
was published
for
org.http4s:http4s-server_2.12
(Maven)
Mar 25, 2020
Relative Path Traversal (CWE-23) in chunked uploads in oneup/uploader-bundle
High
CVE-2020-5237
was published
for
oneup/uploader-bundle
(Composer)
Feb 18, 2020
ProTip!
Advisories are also available from the
GraphQL API