GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,367
Maven
5,000+
npm
3,986
NuGet
720
pip
3,778
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
279 advisories
Filter by severity
Apache Tomcat Directory Traversal vulnerability
Moderate
CVE-2008-2938
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Apache Tomcat Path Traversal Vulnerability
Moderate
CVE-2008-2370
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter
Moderate
CVE-2008-1301
was published
for
org.opencms:opencms-core
(Maven)
May 1, 2022
Mortbay Jetty Double Slash URI Information Disclosure Vulnerability
Moderate
CVE-2007-6672
was published
for
org.mortbay.jetty:jetty
(Maven)
May 1, 2022
Apache Tomcat Path Traversal Vulnerability
Low
CVE-2007-5461
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Apache Tomcat Directory Traversal
Moderate
CVE-2007-0450
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath parameter
Moderate
CVE-2006-3934
was published
for
org.opencms:opencms-core
(Maven)
May 1, 2022
Jetty Directory Traversal Vulnerability
Moderate
CVE-2006-2758
was published
for
org.mortbay.jetty:jetty
(Maven)
May 1, 2022
Apache Tomcat Directory Traversal
Moderate
CVE-2000-1210
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 30, 2022
Jakarta Tomcat Directory Listing vulnerability
Moderate
CVE-2003-0042
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 29, 2022
Arbitrary filesystem write access from velocity.
High
CVE-2022-24897
was published
for
org.xwiki.commons:xwiki-commons-velocity
(Maven)
Apr 28, 2022
Path traversal in the OWASP Enterprise Security API
High
CVE-2022-23457
was published
for
org.owasp.esapi:esapi
(Maven)
Apr 27, 2022
Path traversal in Hadoop
Critical
CVE-2022-26612
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Apr 8, 2022
Path Traversal in Caucho Resin
High
CVE-2021-44138
was published
for
com.caucho:resin
(Maven)
Apr 5, 2022
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Moderate
CVE-2022-28146
was published
for
org.jenkins-ci.plugins:ci-with-toad-edge
(Maven)
Mar 30, 2022
Path traversal in Jenkins Phoenix AutoTest Plugin
Moderate
CVE-2022-28156
was published
for
com.surenpi.jenkins:phoenix-autotest
(Maven)
Mar 30, 2022
Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin
Moderate
CVE-2022-28148
was published
for
org.jenkins-ci.plugins:ci-with-toad-edge
(Maven)
Mar 30, 2022
Path traversal in Jenkins Pipeline Phoenix AutoTest Plugin
Moderate
CVE-2022-28157
was published
for
com.surenpi.jenkins:phoenix-autotest
(Maven)
Mar 30, 2022
Path Traversal in Spring-integration-zip
Moderate
CVE-2021-22114
was published
for
org.springframework.integration:spring-integration-zip
(Maven)
Mar 18, 2022
Arbitrary JSON and property file read vulnerability in Jenkins Extended Choice Parameter Plugin
Moderate
CVE-2022-27203
was published
for
org.jenkins-ci.plugins:extended-choice-parameter
(Maven)
Mar 16, 2022
Arbitrary file read vulnerability in Jenkins kubernetes-cd Plugin
Moderate
CVE-2022-27208
was published
for
org.jenkins-ci.plugins:kubernetes-cd
(Maven)
Mar 16, 2022
Path Traversal in LemMinX
Moderate
CVE-2022-0673
was published
for
org.eclipse.lemminx:lemminx-parent
(Maven)
Feb 19, 2022
Path traversal in MCMS
High
CVE-2021-46037
was published
for
net.mingsoft:ms-mcms
(Maven)
Feb 19, 2022
MCMS Arbitrary File Deletion vulnerability
High
CVE-2021-46062
was published
for
net.mingsoft:ms-basic
(Maven)
Feb 19, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Pipeline: Shared Groovy Libraries Plugin
Moderate
CVE-2022-25178
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
(Maven)
Feb 16, 2022
ProTip!
Advisories are also available from the
GraphQL API