GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Local file inclusion vulnerability in http4s
Critical
CVE-2020-5280
was published
for
org.http4s:http4s-server_2.12
(Maven)
Mar 25, 2020
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative...
Critical
Unreviewed
CVE-2022-2120
was published
Jun 25, 2022
The affected product is vulnerable to directory traversal, which may allow an attacker to access...
Critical
Unreviewed
CVE-2022-2139
was published
Jul 23, 2022
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows...
Critical
Unreviewed
CVE-2020-25172
was published
May 24, 2022
Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered...
Critical
Unreviewed
CVE-2022-28814
was published
Sep 29, 2022
Path Traversal in Eclipse Vert
Critical
CVE-2019-17640
was published
for
io.vertx:vertx-web
(Maven)
Feb 10, 2022
A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1. It has...
Critical
Unreviewed
CVE-2023-1112
was published
Mar 1, 2023
Relative Path Traversal vulnerability in YugaByte, Inc. Yugabyte Managed ...
Critical
Unreviewed
CVE-2023-0745
was published
Feb 9, 2023
A user who is privileged already `manager` or `admin` can set their profile picture via the...
Critical
Unreviewed
CVE-2024-0550
was published
Feb 28, 2024
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path...
Critical
Unreviewed
CVE-2020-7376
was published
May 24, 2022
mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation...
Critical
Unreviewed
CVE-2024-3025
was published
Apr 10, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker
to write...
Critical
Unreviewed
CVE-2023-3941
was published
May 21, 2024
ProTip!
Advisories are also available from the
GraphQL API