Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

59 advisories

Loading
An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in... High Unreviewed
CVE-2023-6023 was published Nov 16, 2023
Exposure of Resource to Wrong Sphere in Zip-Local Critical
CVE-2021-23484 was published for zip-local (npm) Feb 1, 2022
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12... High Unreviewed
CVE-2023-6130 was published Nov 14, 2023
Pimcore vulnerable to Pre-Auth Path Traversal in pimcore_log parameter Moderate
CVE-2023-2984 was published for pimcore/pimcore (Composer) Jun 6, 2023
Calipso Arbitrary File Write via Archive Extraction (Zip Slip) High
CVE-2021-23391 was published for calipso (npm) Jun 8, 2021
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path... High Unreviewed
CVE-2022-2788 was published Aug 20, 2022
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. High Unreviewed
CVE-2023-1034 was published Feb 25, 2023
Path Traversal in com.alibaba.oneagent:one-java-agent-plugin Moderate
CVE-2022-25842 was published for com.alibaba.oneagent:one-java-agent-plugin (Maven) May 3, 2022
Froxlor is vulnerable to path traversal Moderate
CVE-2023-0316 was published for froxlor/froxlor (Composer) Jan 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database