Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

111 advisories

Loading
Buildah (as part of Podman) vulnerable to Path Traversal Low
CVE-2022-4123 was published for github.com/containers/podman/v4 (Go) Dec 8, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package Moderate
CVE-2022-23531 was published for guarddog (pip) Dec 2, 2022
DNN vulnerable to Relative Path Traversal Moderate
CVE-2022-2922 was published for DotNetNuke.Core (NuGet) Oct 1, 2022
Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered... Critical Unreviewed
CVE-2022-28814 was published Sep 29, 2022
The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a... High Unreviewed
CVE-2022-1373 was published Aug 18, 2022
The affected product is vulnerable to directory traversal, which may allow an attacker to access... Critical Unreviewed
CVE-2022-2139 was published Jul 23, 2022
TZInfo relative path traversal vulnerability allows loading of arbitrary files High
CVE-2022-31163 was published for tzinfo (RubyGems) Jul 21, 2022
kratob
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables... Moderate Unreviewed
CVE-2022-2106 was published Jun 28, 2022
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative... Critical Unreviewed
CVE-2022-2120 was published Jun 25, 2022
The affected products are vulnerable to directory traversal, which may allow an attacker to... High Unreviewed
CVE-2022-1661 was published Jun 3, 2022
The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal... Moderate Unreviewed
CVE-2021-32964 was published May 25, 2022
ZipSlip vulnerability in bblfshd Critical Unreviewed
CVE-2021-32825 was published May 24, 2022
mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported... High Unreviewed
CVE-2021-43555 was published May 24, 2022
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which... Moderate Unreviewed
CVE-2021-32954 was published May 24, 2022
ArcGIS GeoEvent Server versions 10.8.1 and below has a read-only directory path traversal... High Unreviewed
CVE-2021-29101 was published May 24, 2022
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow... Moderate Unreviewed
CVE-2019-19287 was published May 24, 2022
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows... Critical Unreviewed
CVE-2020-25172 was published May 24, 2022
The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is... High Unreviewed
CVE-2020-7377 was published May 24, 2022
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path... Critical Unreviewed
CVE-2020-7376 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... High Unreviewed
CVE-2019-18338 was published May 24, 2022
A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It... High Unreviewed
CVE-2019-13408 was published May 24, 2022
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide... High Unreviewed
CVE-2021-34605 was published May 12, 2022
A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and... High Unreviewed
CVE-2020-25150 was published Apr 15, 2022
** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting... Moderate Unreviewed
CVE-2022-22279 was published Apr 14, 2022
Path Traversal in Eclipse Vert Critical
CVE-2019-17640 was published for io.vertx:vertx-web (Maven) Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API