Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+

552 advisories

Loading
Goutil vulnerable to path traversal when unzipping files High
CVE-2023-27475 was published for github.com/gookit/goutil (Go) Mar 7, 2023
cokeBeer
node-static and @nubosoftware/node-static vulnerable to Directory Traversal High
CVE-2023-26111 was published for @nubosoftware/node-static (npm) Mar 6, 2023
mrpack-install vulnerable to path traversal with dependency High
CVE-2023-25307 was published for github.com/nothub/mrpack-install (Go) Feb 8, 2023
Akarys42
Unsafe tar unpacking in HashiCorp go-slug High
CVE-2020-29529 was published for github.com/hashicorp/go-slug (Go) Feb 6, 2023
Path Traversal in gin-vue-admin High
CVE-2022-47762 was published for github.com/flipped-aurora/gin-vue-admin (Go) Feb 3, 2023
Warp vulnerable to Path Traversal via Improper validation of Windows paths High
GHSA-8v4j-7jgf-5rg9 was published for warp (Rust) Jan 31, 2023
tdunlap607
Servst vulnerable to Path Traversal High
CVE-2022-25936 was published for servst (npm) Jan 30, 2023
Fix for arbitrary file deletion in customer media allows for remote code execution High
CVE-2021-41143 was published for openmage/magento-lts (Composer) Jan 27, 2023
Directory Traversal vulnerability in serve-lite High
CVE-2022-21192 was published for serve-lite (npm) Jan 26, 2023
lirantal
Directory Traversal in onnx High
CVE-2022-25882 was published for onnx (pip) Jan 26, 2023
Path traversal in binwalk High
CVE-2022-4510 was published for binwalk (pip) Jan 26, 2023
qkaiser
Kraken has arbitrary file read vulnerability via component testfs High
CVE-2022-47747 was published for github.com/uber/kraken (Go) Jan 20, 2023
act vulnerable to arbitrary file upload in artifact server High
CVE-2023-22726 was published for github.com/nektos/act (Go) Jan 20, 2023
Path Traversal in web-node-server High
CVE-2020-36651 was published for web-node-server (npm) Jan 18, 2023
org.neo4j.procedure:apoc Path Traversal Vulnerability High
CVE-2022-23532 was published for org.neo4j.procedure:apoc (Maven) Jan 13, 2023
sviehb/jefferson vulnerable to path traversal High
CVE-2022-4885 was published for jefferson (pip) Jan 11, 2023
Gravitee API Management contains Path Traversal High
CVE-2022-38723 was published for io.gravitee.apim:gravitee-api-management (Maven) Jan 4, 2023
Path Traversal In MeterSpere leads to upload file to any path High
CVE-2022-46178 was published for io.metersphere:metersphere (Maven) Dec 30, 2022
Yapscan's report receiver server vulnerable to path traversal and log injection High
GHSA-9h6h-9g78-86f7 was published for github.com/fkie-cad/yapscan (Go) Dec 29, 2022
tdunlap607
Goa vulnerable to path traversal High
CVE-2019-25073 was published for github.com/goadesign/goa (Go) Dec 28, 2022
ahh vulnerable to Path Traversal High
CVE-2020-36559 was published for aahframe.work (Go) Dec 28, 2022
Widoco Path Traversal vulnerability High
CVE-2022-4772 was published for com.github.dgarijo:Widoco (Maven) Dec 28, 2022
SimbCo httpster vulnerable to Path Traversal High
CVE-2020-36629 was published for httpster (npm) Dec 25, 2022
lite-dev-server vulnerable to Directory Traversal High
CVE-2022-25895 was published for lite-dev-server (npm) Dec 21, 2022
lirantal
easy-static-server vulnerable to Directory Traversal High
CVE-2022-25931 was published for easy-static-server (npm) Dec 20, 2022
lirantal
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database