Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
DotNetZip Directory Traversal vulnerability High
CVE-2024-48510 was published for DotNetZip (NuGet) Nov 13, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users High
CVE-2024-41799 was published for Tgstation.Server.Api (NuGet) Jul 29, 2024
SandPoot Cyberboss
Directory traversal + file write causing arbitrary code execution High
CVE-2023-30626 was published for Jellyfin.Controller (NuGet) Apr 24, 2023
theGEBIRGE
DNN Path Traversal via Zip Slip High
CVE-2020-5187 was published for DotNetNuke.Core (NuGet) May 24, 2022
Path Traversal: 'dir/../../filename' in moment.locale High
CVE-2022-24785 was published for Moment.js (npm) Apr 4, 2022
Path Traversal in SharpZipLib High
CVE-2021-32840 was published for SharpZipLib (NuGet) Feb 1, 2022
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Directory Traversal in elFinder.AspNet High
CVE-2021-23415 was published for elFinder.AspNet (NuGet) Aug 9, 2021
Path Traversal in elFinder.Net.Core High
CVE-2021-23407 was published for elFinder.Net.Core (NuGet) Aug 2, 2021
High severity vulnerability that affects DotNetZip High
CVE-2018-1002205 was published for DotNetZip (NuGet) Oct 16, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database