Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

428 advisories

Loading
Apache Shiro Path Traversal vulnerability Moderate
CVE-2010-3863 was published for org.apache.shiro:shiro-root (Maven) May 14, 2022
OpenStack Nova Multiple directory traversal vulnerabilities Moderate
CVE-2011-4596 was published for nova (pip) May 14, 2022
Smarty Path Traversal Vulnerability Moderate
CVE-2018-16831 was published for smarty/smarty (Composer) May 14, 2022
Ocramius
RubyGems Path Traversal vulnerability Moderate
CVE-2018-1000079 was published for org.jruby:jruby-stdlib (RubyGems) May 14, 2022
SabreDAV Directory Traversal vulnerability Moderate
CVE-2013-1939 was published for sabre/dav (Composer) May 14, 2022
OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme Moderate
CVE-2015-1195 was published for glance (pip) May 14, 2022
Helm Path Traversal Moderate
CVE-2019-1000008 was published for helm.sh/helm (Go) May 14, 2022
Directory Traversal in Apache Tomcat Moderate
CVE-2008-5515 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
MarkLee131 sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ Moderate
CVE-2015-1830 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
OpenRefine Directory Traversal Moderate
CVE-2018-19859 was published for org.openrefine:main (Maven) May 14, 2022
UberFire Framework Improperly Restricts Paths Moderate
CVE-2014-8114 was published for org.uberfire:uberfire-parent (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Moderate
CVE-2015-5345 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ anlakii
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Moderate
CVE-2015-5174 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
anlakii
Improper Limitation of a Pathname to a Restricted Directory in WildFly Moderate
CVE-2018-10862 was published for org.wildfly.core:wildfly-server (Maven) May 14, 2022
Path Traversal in Jenkins Moderate
CVE-2018-1000406 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Moderate
CVE-2018-1000997 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework Moderate
CVE-2014-3578 was published for org.springframework:spring-core (Maven) May 14, 2022
sunSUNQ
CoreFTP Directory Traversal Moderate
CVE-2019-9648 was published for CoreFtp (NuGet) May 14, 2022
Withdrawn Advisory: Pulp Improper Path Parsing Moderate
CVE-2018-10917 was published for pulpcore (pip) May 13, 2022 withdrawn
LibreNMS Arbitrary File Read Moderate
CVE-2017-16759 was published for librenms/librenms (Composer) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Zip4j Moderate
CVE-2018-1002202 was published for net.lingala.zip4j:zip4j (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib Moderate
CVE-2018-1002208 was published for SharpZipLib (NuGet) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver Moderate
CVE-2018-1002200 was published for org.codehaus.plexus:plexus-archiver (Maven) May 13, 2022
Jenkins Image Gallery Plugin allows Path Traversal Moderate
CVE-2016-4987 was published for com.tupilabs.image_gallery:image-gallery (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in zt-zip Moderate
CVE-2018-1002201 was published for org.zeroturnaround:zt-zip (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database