Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,330
Erlang
31
GitHub Actions
21
Go
2,091
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

712 advisories

Loading
Path Traversal in django-s3file Critical
CVE-2022-24840 was published for django-s3file (pip) Jun 6, 2022
tunecrew syphar
herrbenesch codingjoe
Path Traversal in file editor on Windows in Gogs Critical
CVE-2022-1992 was published for gogs.io/gogs (Go) Jun 8, 2022
1135
iSpyConnect iSpy v7.2.2.0 is vulnerable to path traversal. Critical Unreviewed
CVE-2022-29774 was published Jun 22, 2022
LRM contains a directory traversal vulnerability that can allow a malicious actor to upload... Critical Unreviewed
CVE-2022-1518 was published Jun 25, 2022
OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path... Critical Unreviewed
CVE-2022-2119 was published Jun 25, 2022
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative... Critical Unreviewed
CVE-2022-2120 was published Jun 25, 2022
Path traversal in Concrete CMS Critical
CVE-2022-30117 was published for concrete5/core (Composer) Jun 25, 2022
The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary... Critical Unreviewed
CVE-2022-1953 was published Jun 28, 2022
A data removal vulnerability exists in the web_server /action/remove/ API functionality of... Critical Unreviewed
CVE-2022-28127 was published Jul 1, 2022
Path Traversal in Beego Critical
CVE-2022-31836 was published for github.com/beego/beego (Go) Jul 6, 2022
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute... Critical Unreviewed
CVE-2022-25046 was published Jul 8, 2022
The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31514 was published Jul 12, 2022
The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub... Critical Unreviewed
CVE-2022-31518 was published Jul 12, 2022
The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the... Critical Unreviewed
CVE-2022-31525 was published Jul 12, 2022
The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31517 was published Jul 12, 2022
The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31520 was published Jul 12, 2022
The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the... Critical Unreviewed
CVE-2022-31531 was published Jul 12, 2022
The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31516 was published Jul 12, 2022
The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask... Critical Unreviewed
CVE-2022-31530 was published Jul 12, 2022
The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path... Critical Unreviewed
CVE-2022-31532 was published Jul 12, 2022
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31522 was published Jul 12, 2022
The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because... Critical Unreviewed
CVE-2022-31519 was published Jul 12, 2022
The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31511 was published Jul 12, 2022
The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because... Critical Unreviewed
CVE-2022-31523 was published Jul 12, 2022
The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31510 was published Jul 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database