GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
266 advisories
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package
Low. CVE-2022-23531 was published for guarddog (pip) Dec 2, 2022

DNN vulnerable to Relative Path Traversal
Moderate. CVE-2022-2922 was published for DotNetNuke.Core (NuGet) Oct 1, 2022

Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered...
Critical (Unreviewed). CVE-2022-28814 was published Sep 29, 2022

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a...
High (Unreviewed). CVE-2022-1373 was published Aug 18, 2022

An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on...
Critical (Unreviewed). CVE-2021-22650 was published Jul 29, 2022

The affected product is vulnerable to directory traversal, which may allow an attacker to access...
Critical (Unreviewed). CVE-2022-2139 was published Jul 23, 2022

TZInfo relative path traversal vulnerability allows loading of arbitrary files
High. CVE-2022-31163 was published for tzinfo (RubyGems) Jul 21, 2022

Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables...
Moderate (Unreviewed). CVE-2022-2106 was published Jun 28, 2022

OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative...
Critical (Unreviewed). CVE-2022-2120 was published Jun 25, 2022

The affected products are vulnerable to directory traversal, which may allow an attacker to...
High (Unreviewed). CVE-2022-1661 was published Jun 3, 2022

The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal...
Moderate (Unreviewed). CVE-2021-32964 was published May 25, 2022

mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported...
High (Unreviewed). CVE-2021-43555 was published May 24, 2022

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a...
Critical (Unreviewed). CVE-2021-40870 was published May 24, 2022

Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which...
Moderate (Unreviewed). CVE-2021-32954 was published May 24, 2022

ArcGIS GeoEvent Server versions 10.8.1 and below has a read-only directory path traversal...
High (Unreviewed). CVE-2021-29101 was published May 24, 2022

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow...
Moderate (Unreviewed). CVE-2019-19287 was published May 24, 2022

A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows...
Critical (Unreviewed). CVE-2020-25172 was published May 24, 2022

The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is...
High (Unreviewed). CVE-2020-7377 was published May 24, 2022

The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path...
Critical (Unreviewed). CVE-2020-7376 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
High (Unreviewed). CVE-2019-18338 was published May 24, 2022

A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It...
High (Unreviewed). CVE-2019-13408 was published May 24, 2022

Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows...
Moderate (Unreviewed). CVE-2012-5972 was published May 17, 2022

Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4...
High (Unreviewed). CVE-2012-6069 was published May 17, 2022

A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The...
High (Unreviewed). CVE-2017-13996 was published May 13, 2022