Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,476
Erlang
33
GitHub Actions
24
Go
2,207
Maven
5,000+
npm
3,858
NuGet
696
pip
3,639
Pub
12
RubyGems
913
Rust
918
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20 advisories

Loading
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and... Critical Unreviewed
CVE-2025-23410 was published Mar 5, 2025
Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter... Critical Unreviewed
CVE-2025-20059 was published Feb 20, 2025
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5... Critical Unreviewed
CVE-2023-34990 was published Dec 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11311 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11313 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11312 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11315 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11314 was published Nov 18, 2024
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write... Critical Unreviewed
CVE-2023-3941 was published May 21, 2024
mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation... Critical Unreviewed
CVE-2024-3025 was published Apr 10, 2024
A user who is privileged already `manager` or `admin` can set their profile picture via the... Critical Unreviewed
CVE-2024-0550 was published Feb 28, 2024
A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1. It has... Critical Unreviewed
CVE-2023-1112 was published Mar 1, 2023
Relative Path Traversal vulnerability in YugaByte, Inc. Yugabyte Managed ... Critical Unreviewed
CVE-2023-0745 was published Feb 9, 2023
Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered... Critical Unreviewed
CVE-2022-28814 was published Sep 29, 2022
The affected product is vulnerable to directory traversal, which may allow an attacker to access... Critical Unreviewed
CVE-2022-2139 was published Jul 23, 2022
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative... Critical Unreviewed
CVE-2022-2120 was published Jun 25, 2022
ZipSlip vulnerability in bblfshd Critical Unreviewed
CVE-2021-32825 was published May 24, 2022
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a... Critical Unreviewed
CVE-2021-40870 was published May 24, 2022
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows... Critical Unreviewed
CVE-2020-25172 was published May 24, 2022
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path... Critical Unreviewed
CVE-2020-7376 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database