Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,210 advisories

Loading
Apache OpenMeetings Directory Traversal vulnerability Moderate
CVE-2016-0784 was published for org.apache.openmeetings:openmeetings-install (Maven) May 14, 2022
WSO2 Carbon directory traversal vulnerability Moderate
CVE-2016-4314 was published for org.wso2.carbon.commons:org.wso2.carbon.logging.view.ui (Maven) May 14, 2022
Plone vulnerable to filesystem information leak Moderate
CVE-2016-7135 was published for Plone (pip) May 14, 2022
Apache Shiro Path Traversal vulnerability Moderate
CVE-2010-3863 was published for org.apache.shiro:shiro-root (Maven) May 14, 2022
Apache Geronimo Application Server multiple directory traversal vulnerabilities High
CVE-2008-5518 was published for org.apache.geronimo.plugins:console (Maven) May 14, 2022
MarkLee131
OpenStack Nova Multiple directory traversal vulnerabilities Moderate
CVE-2011-4596 was published for nova (pip) May 14, 2022
Smarty Path Traversal Vulnerability Moderate
CVE-2018-16831 was published for smarty/smarty (Composer) May 14, 2022
Ocramius
RubyGems Path Traversal vulnerability Moderate
CVE-2018-1000079 was published for org.jruby:jruby-stdlib (RubyGems) May 14, 2022
SabreDAV Directory Traversal vulnerability Moderate
CVE-2013-1939 was published for sabre/dav (Composer) May 14, 2022
Asset Pipeline plugin for Grails vulnerable to Path Traversal High
CVE-2018-17605 was published for org.grails.plugins:asset-pipeline (Maven) May 14, 2022
RDF4J vulnerable to zip slip High
CVE-2018-20227 was published for org.eclipse.rdf4j:rdf4j (Maven) May 14, 2022
MarkLee131
Gogs Directory Traversal High
CVE-2018-20303 was published for gogs.io/gogs (Go) May 14, 2022
OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme Moderate
CVE-2015-1195 was published for glance (pip) May 14, 2022
Helm Path Traversal Moderate
CVE-2019-1000008 was published for helm.sh/helm (Go) May 14, 2022
Symfony Directory Traversal High
CVE-2017-16654 was published for symfony/intl (Composer) May 14, 2022
Directory Traversal in Apache Tomcat Moderate
CVE-2008-5515 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
MarkLee131 sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Low
CVE-2010-3718 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
oliverchang sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ Moderate
CVE-2015-1830 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
OpenRefine Directory Traversal Moderate
CVE-2018-19859 was published for org.openrefine:main (Maven) May 14, 2022
UberFire Framework Improperly Restricts Paths Moderate
CVE-2014-8114 was published for org.uberfire:uberfire-parent (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Moderate
CVE-2015-5174 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
anlakii
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Moderate
CVE-2015-5345 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ anlakii
Improper Limitation of a Pathname to a Restricted Directory in WildFly Moderate
CVE-2018-10862 was published for org.wildfly.core:wildfly-server (Maven) May 14, 2022
Path Traversal in Jenkins Moderate
CVE-2018-1000406 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Moderate
CVE-2018-1000997 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database