GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
666
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Directory Traversal in nhouston
Moderate
CVE-2014-8883
was published
for
nhouston
(npm)
Aug 31, 2020
DNN vulnerable to Relative Path Traversal
Moderate
CVE-2022-2922
was published
for
DotNetNuke.Core
(NuGet)
Oct 1, 2022
Directory traversal attack in Spring Cloud Config
Moderate
CVE-2020-5405
was published
for
org.springframework.cloud:spring-cloud-config-server
(Maven)
Jun 5, 2020
Kubernetes vulnerable to path traversal
Moderate
CVE-2022-3162
was published
for
github.com/kubernetes/kubernetes
(Go)
Mar 1, 2023
Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server
Moderate
CVE-2023-40026
was published
for
github.com/argoproj/argo-cd
(Go)
Sep 27, 2023
Helm dependency management path traversal
Moderate
CVE-2024-25620
was published
for
helm.sh/helm/v3
(Go)
Feb 15, 2024
Oceanic allows unsanitized user input to lead to path traversal in URLs
Moderate
CVE-2024-34712
was published
for
oceanic.js
(npm)
May 14, 2024
path traversal vulnerability was identified in the parisneo/lollms-webui
Moderate
CVE-2024-4330
was published
for
lollms
(pip)
Jun 2, 2024
Lord of Large Language Models (LoLLMs) path traversal vulnerability in the api open_personality_folder endpoint
Moderate
CVE-2024-6985
was published
for
lollms
(pip)
Oct 11, 2024
registry-support: decompress can delete files outside scope via relative paths
Moderate
CVE-2024-1485
was published
for
github.com/devfile/registry-support/registry-library
(Go)
Feb 14, 2024
Ansible galaxy-importer Path Traversal vulnerability
Moderate
CVE-2023-5189
was published
for
galaxy-importer
(pip)
Nov 15, 2023
ProTip!
Advisories are also available from the
GraphQL API