GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
107 advisories
Filter by severity
High severity vulnerability that affects org.dspace:dspace-xmlui
High
CVE-2016-10726
was published
for
org.dspace:dspace-xmlui
(Maven)
Oct 19, 2018
In blynk-server a Directory Traversal exists
High
CVE-2018-17785
was published
for
com.github.blynkkk:blynk-server
(Maven)
Oct 17, 2018
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI
High
CVE-2016-9177
was published
for
com.sparkjava:spark-core
(Maven)
Oct 4, 2018
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal
High
CVE-2018-17297
was published
for
cn.hutool:hutool-all
(Maven)
Oct 17, 2018
Directory Traversal vulnerability in Square Retrofit
High
CVE-2018-1000850
was published
for
com.squareup.retrofit2:retrofit
(Maven)
Dec 21, 2018
Path Traversal in minsoft:ms-mcms
High
CVE-2018-18831
was published
for
net.mingsoft:ms-mcms
(Maven)
Nov 1, 2018
Improper Limitation of a Pathname ('Path Traversal') in org.apache.jspwiki:jspwiki-war
High
CVE-2019-0225
was published
for
org.apache.jspwiki:jspwiki-war
(Maven)
Apr 8, 2019
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
High
CVE-2017-3163
was published
for
org.apache.solr:solr-core
(Maven)
Oct 18, 2018
Gravitee API Management contains Path Traversal
High
CVE-2022-38723
was published
for
io.gravitee.apim:gravitee-api-management
(Maven)
Jan 4, 2023
org.neo4j.procedure:apoc Path Traversal Vulnerability
High
CVE-2022-23532
was published
for
org.neo4j.procedure:apoc
(Maven)
Jan 13, 2023
Path Traversal in Caucho Resin
High
CVE-2021-44138
was published
for
com.caucho:resin
(Maven)
Apr 5, 2022
Path Traversal in Jenkins
High
CVE-2018-1000194
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP Undertow
High
CVE-2018-1048
was published
for
org.jboss.eap:wildfly-undertow
(Maven)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client
High
CVE-2021-20218
was published
for
io.fabric8:kubernetes-client
(Maven)
May 24, 2022
Path traversal in CureKit
High
CVE-2022-23082
was published
for
io.whitesource:curekit
(Maven)
Jun 1, 2022
User account escalation in Apache Hadoop
High
CVE-2021-33036
was published
for
org.apache.hadoop:hadoop-yarn-server-common
(Maven)
Jun 16, 2022
Partial Path Traversal in com.amazonaws:aws-java-sdk-s3
High
CVE-2022-31159
was published
for
com.amazonaws:aws-java-sdk-s3
(Maven)
Jul 15, 2022
JSPUI vulnerable to path traversal in submission (resumable) upload
High
CVE-2022-31194
was published
for
org.dspace:dspace-jspui
(Maven)
Aug 6, 2022
Path traversal in Gitblit
High
CVE-2022-31268
was published
for
com.gitblit:gitblit
(Maven)
May 22, 2022
Path traversal in the OWASP Enterprise Security API
High
CVE-2022-23457
was published
for
org.owasp.esapi:esapi
(Maven)
Apr 27, 2022
Path Traversal in Apache Camel
High
CVE-2019-0194
was published
for
org.apache.camel:camel-core
(Maven)
May 2, 2019
Path Traversal in Payara
High
CVE-2022-37422
was published
for
fish.payara.api:payara-bom
(Maven)
Aug 19, 2022
FusionAuth vulnerable to directory traversal attack
High
CVE-2022-45921
was published
for
io.fusionauth:fusionauth-java-client
(Maven)
Nov 28, 2022
Goomph before 3.37.2 allows malicious zip file to write contents to arbitrary locations
High
CVE-2022-26049
was published
for
com.diffplug.gradle:goomph
(Maven)
Sep 12, 2022
Path Traversal in the Java Kubernetes Client
High
CVE-2020-8570
was published
for
io.kubernetes:client-java
(Maven)
Jan 29, 2021
ProTip!
Advisories are also available from the
GraphQL API