Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

43 advisories

Loading
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path... Moderate Unreviewed
CVE-2024-22096 was published Feb 2, 2024
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow... Moderate Unreviewed
CVE-2023-20040 was published Jan 20, 2023
A vulnerability classified as critical was found in jeecgboot JimuReport up to 1.6.1. Affected by... Moderate Unreviewed
CVE-2023-6307 was published Nov 27, 2023
A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion... Moderate Unreviewed
CVE-2023-47613 was published Nov 9, 2023
Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server Moderate
CVE-2023-40026 was published for github.com/argoproj/argo-cd (Go) Sep 27, 2023
crenshaw-dev todaywasawesome
** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting... Moderate Unreviewed
CVE-2022-22279 was published Apr 14, 2022
The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal... Moderate Unreviewed
CVE-2021-32964 was published May 25, 2022
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables... Moderate Unreviewed
CVE-2022-2106 was published Jun 28, 2022
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote... Moderate Unreviewed
CVE-2023-20066 was published Mar 23, 2023
Kubernetes vulnerable to path traversal Moderate
CVE-2022-3162 was published for github.com/kubernetes/kubernetes (Go) Mar 1, 2023
A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an... Moderate Unreviewed
CVE-2023-1043 was published Feb 26, 2023
Path traversal in url-parse Moderate
CVE-2021-27515 was published for url-parse (npm) May 6, 2021
Directory traversal attack in Spring Cloud Config Moderate
CVE-2020-5405 was published for org.springframework.cloud:spring-cloud-config-server (Maven) Jun 5, 2020
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow... Moderate Unreviewed
CVE-2019-19287 was published May 24, 2022
DNN vulnerable to Relative Path Traversal Moderate
CVE-2022-2922 was published for DotNetNuke.Core (NuGet) Oct 1, 2022
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which... Moderate Unreviewed
CVE-2021-32954 was published May 24, 2022
Directory Traversal in nhouston Moderate
CVE-2014-8883 was published for nhouston (npm) Aug 31, 2020
Directory Traversal in Next.js Moderate
CVE-2020-5284 was published for next (npm) Mar 30, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database