Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,209 advisories

Loading
Path Traversal in web-node-server High
CVE-2020-36651 was published for web-node-server (npm) Jan 18, 2023
webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URL Critical
CVE-2022-45299 was published for webbrowser (Rust) Jan 13, 2023
tdunlap607
org.neo4j.procedure:apoc Path Traversal Vulnerability High
CVE-2022-23532 was published for org.neo4j.procedure:apoc (Maven) Jan 13, 2023
sviehb/jefferson vulnerable to path traversal High
CVE-2022-4885 was published for jefferson (pip) Jan 11, 2023
SUKOHI Surpass Path Traversal vulnerability Moderate
CVE-2015-10030 was published for sukohi/surpass (Composer) Jan 8, 2023
Gravitee API Management contains Path Traversal High
CVE-2022-38723 was published for io.gravitee.apim:gravitee-api-management (Maven) Jan 4, 2023
Path Traversal In MeterSpere leads to upload file to any path High
CVE-2022-46178 was published for io.metersphere:metersphere (Maven) Dec 30, 2022
pastebinit Path Traversal vulnerability Moderate
CVE-2018-25059 was published for github.com/jessfraz/pastebinit (Go) Dec 30, 2022
Yapscan's report receiver server vulnerable to path traversal and log injection High
GHSA-9h6h-9g78-86f7 was published for github.com/fkie-cad/yapscan (Go) Dec 29, 2022
tdunlap607
tar-utils Path Traversal vulnerability Critical
CVE-2020-36566 was published for github.com/whyrusleeping/tar-utils (Go) Dec 28, 2022
Goa vulnerable to path traversal High
CVE-2019-25073 was published for github.com/goadesign/goa (Go) Dec 28, 2022
Cloud Foundry Archiver vulnerable to path traversal Critical
CVE-2018-25046 was published for code.cloudfoundry.org/archiver (Go) Dec 28, 2022
ahh vulnerable to Path Traversal High
CVE-2020-36559 was published for aahframe.work (Go) Dec 28, 2022
go-unzip vulnerable to Path Traversal Critical
CVE-2020-36560 was published for github.com/artdarek/go-unzip (Go) Dec 28, 2022
Unzip vulnerable to path traversal Critical
CVE-2020-36561 was published for github.com/yi-ge/unzip (Go) Dec 28, 2022
Widoco Path Traversal vulnerability High
CVE-2022-4772 was published for com.github.dgarijo:Widoco (Maven) Dec 28, 2022
SimbCo httpster vulnerable to Path Traversal High
CVE-2020-36629 was published for httpster (npm) Dec 25, 2022
ThinkPHP Framework vulnerable to remote code execution Critical
CVE-2022-47945 was published for topthink/framework (Composer) Dec 23, 2022
Tauri Filesystem Scope Glob Pattern is too Permissive Moderate
CVE-2022-46171 was published for tauri (Rust) Dec 22, 2022
OrIOg
lite-dev-server vulnerable to Directory Traversal High
CVE-2022-25895 was published for lite-dev-server (npm) Dec 21, 2022
lirantal
easy-static-server vulnerable to Directory Traversal High
CVE-2022-25931 was published for easy-static-server (npm) Dec 20, 2022
lirantal
UBI Reader vulnerable to Path Traversal Moderate
CVE-2022-4572 was published for ubi-reader (pip) Dec 17, 2022
Alist vulnerable to Path Traversal Critical
CVE-2022-45969 was published for github.com/alist-org/alist/v3 (Go) Dec 16, 2022
easywebpack-cli Path Traversal vulnerability Moderate
CVE-2020-24855 was published for @easy-team/easywebpack-cli (npm) Dec 15, 2022
SCIFIO vulnerable to Path Traversal Critical
CVE-2022-4493 was published for io.scif:scifio (Maven) Dec 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database