Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,180
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,324
Pub
11
RubyGems
882
Rust
835
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

46 advisories

Loading
mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported... High Unreviewed
CVE-2021-43555 was published May 24, 2022
In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a... High Unreviewed
CVE-2022-38205 was published Dec 29, 2022
There is a path traversal vulnerability in Esri ArcGIS Server versions 10.9.1 and below.... High Unreviewed
CVE-2022-38202 was published Dec 28, 2022
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide... High Unreviewed
CVE-2021-34605 was published May 12, 2022
A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and... High Unreviewed
CVE-2020-25150 was published Apr 15, 2022
A vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this... High Unreviewed
CVE-2023-1045 was published Feb 26, 2023
A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this... High Unreviewed
CVE-2023-1044 was published Feb 26, 2023
The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a... High Unreviewed
CVE-2022-1373 was published Aug 18, 2022
The affected products are vulnerable to directory traversal, which may allow an attacker to... High Unreviewed
CVE-2022-1661 was published Jun 3, 2022
Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. High Unreviewed
CVE-2023-4897 was published Sep 11, 2023
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5... High Unreviewed
CVE-2023-42783 was published Nov 14, 2023
A path traversal vulnerability has been detected in Repox, which allows an attacker to read... High Unreviewed
CVE-2023-6722 was published Dec 13, 2023
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... High Unreviewed
CVE-2019-18338 was published May 24, 2022
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is... High Unreviewed
CVE-2023-31036 was published Jan 12, 2024
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal... High Unreviewed
CVE-2022-23854 was published Dec 23, 2022
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0... High Unreviewed
CVE-2023-42791 was published Feb 20, 2024
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed
CVE-2024-27199 was published Mar 4, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal High Unreviewed
CVE-2024-27770 was published Mar 18, 2024
A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It... High Unreviewed
CVE-2019-13408 was published May 24, 2022
The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is... High Unreviewed
CVE-2020-7377 was published May 24, 2022
A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 -... High Unreviewed
CVE-2022-42470 was published Apr 11, 2023
A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a... High Unreviewed
CVE-2023-27993 was published May 4, 2023
SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated... High Unreviewed
CVE-2023-37288 was published Jul 10, 2023
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially... High Unreviewed
CVE-2023-34394 was published Jul 20, 2023
Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version... High Unreviewed
CVE-2023-3512 was published Oct 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database