GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
126 advisories
Filter by severity
EC-CUBE Directory traversal vulnerability
Low
CVE-2022-40199
was published
for
ec-cube/ec-cube
(Composer)
Sep 28, 2022
JADX file override vulnerability
Low
GHSA-hvp5-5x4f-33fq
was published
for
io.github.skylot:jadx-core
(Maven)
Apr 22, 2024
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize the dir parameter...
Low
Unreviewed
CVE-2023-2117
was published
May 30, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal...
Low
Unreviewed
CVE-2023-27409
was published
May 9, 2023
The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url...
Low
Unreviewed
CVE-2023-4216
was published
Sep 4, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a...
Low
Unreviewed
CVE-2023-25186
was published
Jun 16, 2023
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3,...
Low
Unreviewed
CVE-2022-42474
was published
Jun 13, 2023
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1...
Low
Unreviewed
CVE-2023-29128
was published
May 9, 2023
phpMyFAQ Path Traversal in Attachments
Low
CVE-2024-29196
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
Pleroma Path Traversal vulnerability
Low
CVE-2023-5588
was published
for
pleroma
(Erlang)
Oct 16, 2023
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its...
Low
Unreviewed
CVE-2024-22226
was published
Feb 12, 2024
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Low
CVE-2010-3718
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Low
Unreviewed
CVE-2024-24940
was published
Feb 6, 2024
Plugin archive directory traversal in Helm
Low
CVE-2020-4053
was published
for
helm.sh/helm/v3
(Go)
Jun 23, 2021
A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5...
Low
Unreviewed
CVE-2024-1433
was published
Feb 12, 2024
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary...
Low
Unreviewed
CVE-2023-50785
was published
Jan 25, 2024
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does...
Low
Unreviewed
CVE-2023-2252
was published
Jan 16, 2024
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in...
Low
Unreviewed
CVE-2024-20805
was published
Jan 4, 2024
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue...
Low
Unreviewed
CVE-2024-0341
was published
Jan 9, 2024
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory...
Low
Unreviewed
CVE-2022-2945
was published
Sep 7, 2022
Apache Tomcat Path Traversal Vulnerability
Low
CVE-2007-5461
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Malicious URL drafting attack against iodines static file server may allow path traversal
Low
CVE-2024-22050
was published
for
iodine
(RubyGems)
Oct 7, 2019
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal
Low
GHSA-qwf7-rv77-fcr3
was published
for
iodine
(RubyGems)
Jan 4, 2024
•
withdrawn
Winter CMS Local File Inclusion through Server Side Template Injection
Low
CVE-2023-52085
was published
for
winter/wn-backend-module
(Composer)
Jan 2, 2024
Path traversal in Jenkins REPO Plugin
Low
CVE-2022-30949
was published
for
org.jenkins-ci.plugins:git
(Maven)
May 18, 2022
ProTip!
Advisories are also available from the
GraphQL API