GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
22 advisories
Filter by severity
High severity vulnerability that affects DotNetZip
High
CVE-2018-1002205
was published
for
DotNetZip
(NuGet)
Oct 16, 2018
Directory Traversal in SharpCompress
Moderate
CVE-2018-1002206
was published
for
sharpcompress
(NuGet)
Sep 11, 2019
Authenticated path traversal in Umbraco CMS
Moderate
CVE-2020-5811
was published
for
UmbracoCms
(NuGet)
Apr 13, 2021
Path Traversal in elFinder.Net.Core
High
CVE-2021-23407
was published
for
elFinder.Net.Core
(NuGet)
Aug 2, 2021
Directory Traversal in elFinder.AspNet
High
CVE-2021-23415
was published
for
elFinder.AspNet
(NuGet)
Aug 9, 2021
Path traversal in elFinder.NetCore
High
CVE-2021-23428
was published
for
elFinder.NetCore
(NuGet)
Sep 2, 2021
Partial path traversal in sharpcompress
Moderate
CVE-2021-39208
was published
for
sharpcompress
(NuGet)
Sep 20, 2021
Path Traversal in SharpZipLib
Moderate
CVE-2021-32841
was published
for
SharpZipLib
(NuGet)
Feb 1, 2022
Path Traversal in SharpZipLib
Moderate
CVE-2021-32842
was published
for
SharpZipLib
(NuGet)
Feb 1, 2022
Path Traversal: 'dir/../../filename' in moment.locale
High
CVE-2022-24785
was published
for
Moment.js
(npm)
Apr 4, 2022
CuteSoft CuteEditor Path Traversal vulnerability
Moderate
CVE-2009-4665
was published
for
CuteEditor
(NuGet)
May 2, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
Moderate
CVE-2018-1002208
was published
for
SharpZipLib
(NuGet)
May 13, 2022
DNN Path Traversal via Zip Slip
High
CVE-2020-5187
was published
for
DotNetNuke.Core
(NuGet)
May 24, 2022
DNN vulnerable to Relative Path Traversal
Moderate
CVE-2022-2922
was published
for
DotNetNuke.Core
(NuGet)
Oct 1, 2022
Directory traversal + file write causing arbitrary code execution
High
CVE-2023-30626
was published
for
Jellyfin.Controller
(NuGet)
Apr 24, 2023
Using the directory back payload (“/../”) in a package name allows placement of package in other folders.
Low
CVE-2023-49089
was published
for
Umbraco.CMS
(NuGet)
Dec 13, 2023
CLSA Directory Traversal vulnerability
Critical
CVE-2024-28698
was published
for
Csla
(NuGet)
Jul 22, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users
High
CVE-2024-41799
was published
for
Tgstation.Server.Api
(NuGet)
Jul 29, 2024
MPXJ has a Potential Path Traversal Vulnerability
Moderate
CVE-2024-49771
was published
for
MPXJ.Net
(RubyGems)
Oct 28, 2024
DotNetZip Directory Traversal vulnerability
High
CVE-2024-48510
was published
for
DotNetZip
(NuGet)
Nov 13, 2024
ProTip!
Advisories are also available from the
GraphQL API