Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Local file inclusion vulnerability in http4s Critical
CVE-2020-5280 was published for org.http4s:http4s-server_2.12 (Maven) Mar 25, 2020
ZipSlip vulnerability in bblfshd Critical Unreviewed
CVE-2021-32825 was published May 24, 2022
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative... Critical Unreviewed
CVE-2022-2120 was published Jun 25, 2022
The affected product is vulnerable to directory traversal, which may allow an attacker to access... Critical Unreviewed
CVE-2022-2139 was published Jul 23, 2022
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows... Critical Unreviewed
CVE-2020-25172 was published May 24, 2022
Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered... Critical Unreviewed
CVE-2022-28814 was published Sep 29, 2022
Path Traversal in Eclipse Vert Critical
CVE-2019-17640 was published for io.vertx:vertx-web (Maven) Feb 10, 2022
A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1. It has... Critical Unreviewed
CVE-2023-1112 was published Mar 1, 2023
Relative Path Traversal vulnerability in YugaByte, Inc. Yugabyte Managed ... Critical Unreviewed
CVE-2023-0745 was published Feb 9, 2023
A user who is privileged already `manager` or `admin` can set their profile picture via the... Critical Unreviewed
CVE-2024-0550 was published Feb 28, 2024
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path... Critical Unreviewed
CVE-2020-7376 was published May 24, 2022
mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation... Critical Unreviewed
CVE-2024-3025 was published Apr 10, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write... Critical Unreviewed
CVE-2023-3941 was published May 21, 2024
Remote code execution in mlflow Critical
CVE-2024-0520 was published for mlflow (pip) Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database