Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
Path Traversal: 'dir/../../filename' in moment.locale High
CVE-2022-24785 was published for Moment.js (npm) Apr 4, 2022
Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read... Moderate Unreviewed
CVE-2023-34125 was published Jul 13, 2023
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE Critical
CVE-2024-23897 was published for org.jenkins-ci.main:jenkins-core (Maven) Jan 24, 2024
sunSUNQ Credited to sunSUNQ
The permission model protects itself against path traversal attacks by calling path.resolve() on... High Unreviewed
CVE-2024-21896 was published Feb 20, 2024
cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/template_admin.php. Moderate Unreviewed
CVE-2024-25828 was published Feb 22, 2024
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2024-27764 was published Mar 6, 2024
A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard... High Unreviewed
CVE-2024-20348 was published Apr 3, 2024
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue... Moderate Unreviewed
CVE-2024-7458 was published Aug 5, 2024
A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2023-20090 was published Nov 15, 2024
Patch traversal, External Control of File Name or Path vulnerability in Iocharger Home allows... High Unreviewed
CVE-2024-43658 was published Jan 9, 2025
An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to... Moderate Unreviewed
CVE-2025-52237 was published Aug 5, 2025
Path Traversal: 'dir/../../filename' vulnerability in Yordam Information Technology Consulting... High Unreviewed
CVE-2025-10438 was published Sep 25, 2025
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this... Low Unreviewed
CVE-2025-58292 was published Oct 11, 2025
Apache Kyuubi Server vulnerable to Path Traversal High
CVE-2025-66518 was published for org.apache.kyuubi:kyuubi-server_2.12 (Maven) Jan 5, 2026
A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC)... Moderate Unreviewed
CVE-2026-20018 was published Mar 4, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database