Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,084
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework Moderate
CVE-2014-3625 was published for org.springframework:spring-webmvc (Maven) May 13, 2022
sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Moderate
CVE-2018-6356 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
sunSUNQ
Path Traversal in scout-browser Moderate
CVE-2022-1554 was published for scout-browser (pip) May 4, 2022
Path Traversal in com.alibaba.oneagent:one-java-agent-plugin Moderate
CVE-2022-25842 was published for com.alibaba.oneagent:one-java-agent-plugin (Maven) May 3, 2022
CuteSoft CuteEditor Path Traversal vulnerability Moderate
CVE-2009-4665 was published for CuteEditor (NuGet) May 2, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat Moderate
CVE-2009-2902 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Apache Tomcat Directory Traversal vulnerability Moderate
CVE-2009-2693 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Directory traversal in Mort Bay Jetty Moderate
CVE-2009-1523 was published for org.mortbay.jetty:jetty (Maven) May 2, 2022
joshbressers
Mercurial Directory traversal vulnerability Moderate
CVE-2008-2942 was published for mercurial (pip) May 1, 2022
Apache Tomcat Directory Traversal vulnerability Moderate
CVE-2008-2938 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
MarkLee131
Apache Tomcat Path Traversal Vulnerability Moderate
CVE-2008-2370 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
MoinMoin Directory traversal vulnerability Moderate
CVE-2008-0782 was published for moin (pip) May 1, 2022
Directory Traversal in pyftpdlib Moderate
CVE-2007-6736 was published for pyftpdlib (pip) May 1, 2022
Mortbay Jetty Double Slash URI Information Disclosure Vulnerability Moderate
CVE-2007-6672 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Mongrel vulnerable to directory traversal via double-encoded sequences Moderate
CVE-2007-6612 was published for mongrel (RubyGems) May 1, 2022
Apache Tomcat Directory Traversal Moderate
CVE-2007-0450 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
sunSUNQ
CakePHP directory traversal vulnerability allows remote attackers to read arbitrary files Moderate
CVE-2006-5031 was published for cakephp/cakephp (Composer) May 1, 2022
ravage84
phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence Moderate
CVE-2006-3360 was published for phpsysinfo/phpsysinfo (Composer) May 1, 2022
Jetty Directory Traversal Vulnerability Moderate
CVE-2006-2758 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Apache Tomcat Directory Traversal Moderate
CVE-2000-1210 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Roundup Directory traversal vulnerability Moderate
CVE-2004-1444 was published for Roundup (pip) Apr 29, 2022
Jakarta Tomcat Directory Listing vulnerability Moderate
CVE-2003-0042 was published for org.apache.tomcat:tomcat (Maven) Apr 29, 2022
Path Traversal in Grunt Moderate
CVE-2022-0436 was published for grunt (npm) Apr 13, 2022
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28146 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Path traversal in Jenkins Phoenix AutoTest Plugin Moderate
CVE-2022-28156 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database