Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
Apache Kyuubi Server vulnerable to Path Traversal High
CVE-2025-66518 was published for org.apache.kyuubi:kyuubi-server_2.12 (Maven) Jan 5, 2026
Path Traversal: 'dir/../../filename' in moment.locale High
CVE-2022-24785 was published for Moment.js (npm) Apr 4, 2022
Path Traversal: 'dir/../../filename' vulnerability in Yordam Information Technology Consulting... High Unreviewed
CVE-2025-10438 was published Sep 25, 2025
A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard... High Unreviewed
CVE-2024-20348 was published Apr 3, 2024
Patch traversal, External Control of File Name or Path vulnerability in Iocharger Home allows... High Unreviewed
CVE-2024-43658 was published Jan 9, 2025
The permission model protects itself against path traversal attacks by calling path.resolve() on... High Unreviewed
CVE-2024-21896 was published Feb 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database