Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

21 advisories

Loading
MPXJ has a Potential Path Traversal Vulnerability Moderate
CVE-2024-49771 was published for MPXJ.Net (RubyGems) Oct 28, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users High
CVE-2024-41799 was published for Tgstation.Server.Api (NuGet) Jul 29, 2024
SandPoot Cyberboss
CLSA Directory Traversal vulnerability Critical
CVE-2024-28698 was published for Csla (NuGet) Jul 22, 2024
rockfordlhotka
Using the directory back payload (“/../”) in a package name allows placement of package in other folders. Low
CVE-2023-49089 was published for Umbraco.CMS (NuGet) Dec 13, 2023
mjalt96
Directory traversal + file write causing arbitrary code execution High
CVE-2023-30626 was published for Jellyfin.Controller (NuGet) Apr 24, 2023
theGEBIRGE
DNN vulnerable to Relative Path Traversal Moderate
CVE-2022-2922 was published for DotNetNuke.Core (NuGet) Oct 1, 2022
DNN Path Traversal via Zip Slip High
CVE-2020-5187 was published for DotNetNuke.Core (NuGet) May 24, 2022
CoreFTP Directory Traversal Moderate
CVE-2019-9648 was published for CoreFtp (NuGet) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib Moderate
CVE-2018-1002208 was published for SharpZipLib (NuGet) May 13, 2022
CuteSoft CuteEditor Path Traversal vulnerability Moderate
CVE-2009-4665 was published for CuteEditor (NuGet) May 2, 2022
Path Traversal: 'dir/../../filename' in moment.locale High
CVE-2022-24785 was published for Moment.js (npm) Apr 4, 2022
Path Traversal in SharpZipLib Moderate
CVE-2021-32842 was published for SharpZipLib (NuGet) Feb 1, 2022
Path Traversal in SharpZipLib Moderate
CVE-2021-32841 was published for SharpZipLib (NuGet) Feb 1, 2022
Path Traversal in SharpZipLib High
CVE-2021-32840 was published for SharpZipLib (NuGet) Feb 1, 2022
Partial path traversal in sharpcompress Moderate
CVE-2021-39208 was published for sharpcompress (NuGet) Sep 20, 2021
JarLob geoffodonnell
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Directory Traversal in elFinder.AspNet High
CVE-2021-23415 was published for elFinder.AspNet (NuGet) Aug 9, 2021
Path Traversal in elFinder.Net.Core High
CVE-2021-23407 was published for elFinder.Net.Core (NuGet) Aug 2, 2021
Authenticated path traversal in Umbraco CMS Moderate
CVE-2020-5811 was published for UmbracoCms (NuGet) Apr 13, 2021
Directory Traversal in SharpCompress Moderate
CVE-2018-1002206 was published for sharpcompress (NuGet) Sep 11, 2019
geoffodonnell
High severity vulnerability that affects DotNetZip High
CVE-2018-1002205 was published for DotNetZip (NuGet) Oct 16, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database