Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,176 advisories

Loading
The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31568 was published Jul 12, 2022
The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31560 was published Jul 12, 2022
The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31559 was published Jul 12, 2022
The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31576 was published Jul 12, 2022
ChainerRL Visualizer 0.1.1 vulnerable to Path Traversal via unsafe use of send_file function Critical
CVE-2022-31573 was published for chainerrl-visualizer (pip) Jul 12, 2022
The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the... Critical Unreviewed
CVE-2022-31567 was published Jul 12, 2022
The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31580 was published Jul 12, 2022
The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31587 was published Jul 12, 2022
The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31579 was published Jul 12, 2022
The woduq1414/munhak-moa repository before 2022-05-03 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31564 was published Jul 12, 2022
The umeshpatil-dev/Home__internet repository through 2020-08-28 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31585 was published Jul 12, 2022
The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31551 was published Jul 12, 2022
The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31553 was published Jul 12, 2022
The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31502 was published Jul 12, 2022
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the... Critical Unreviewed
CVE-2022-31515 was published Jul 12, 2022
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31521 was published Jul 12, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... High Unreviewed
CVE-2022-34762 was published Jul 14, 2022
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path... High Unreviewed
CVE-2022-20220 was published Jul 14, 2022
Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated... Moderate Unreviewed
CVE-2016-7802 was published May 17, 2022
Partial Path Traversal in com.amazonaws:aws-java-sdk-s3 High
CVE-2022-31159 was published for com.amazonaws:aws-java-sdk-s3 (Maven) Jul 15, 2022
JLLeitschuh
An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior... Moderate Unreviewed
CVE-2017-5163 was published May 17, 2022
Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for... High Unreviewed
CVE-2015-5468 was published May 17, 2022
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the... High Unreviewed
CVE-2017-8868 was published May 17, 2022
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index... Critical Unreviewed
CVE-2017-8297 was published May 17, 2022
Directory traversal vulnerability in AttacheCase for Java 0.60 and earlier, AttacheCase Lite 1.4... Moderate Unreviewed
CVE-2016-7843 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database