GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
119 advisories
Filter by severity
Jenkins Filesystem List Parameter Plugin has Path Traversal vulnerability
Moderate
CVE-2024-54004
was published
for
aendter.jenkins.plugins:filesystem-list-parameter-plugin
(Maven)
Nov 27, 2024
FitNesse Path Traversal
Moderate
CVE-2024-42499
was published
for
org.fitnesse:fitnesse
(Maven)
Nov 15, 2024
MPXJ has a Potential Path Traversal Vulnerability
Moderate
CVE-2024-49771
was published
for
MPXJ.Net
(RubyGems)
Oct 28, 2024
CometVisu Backend for openHAB has a path traversal vulnerability
Moderate
CVE-2024-42468
was published
for
org.openhab.ui.bundles:org.openhab.ui.cometvisu
(Maven)
Aug 9, 2024
Apache Zeppelin Path Traversal vulnerability
Moderate
CVE-2024-31860
was published
for
org.apache.zeppelin:zeppelin-server
(Maven)
Apr 9, 2024
Jenkins HTML Publisher Plugin Path traversal vulnerability
Moderate
CVE-2024-28151
was published
for
org.jenkins-ci.plugins:htmlpublisher
(Maven)
Mar 6, 2024
Absolute path traversal vulnerability in digdag server
Moderate
CVE-2024-25125
was published
for
io.digdag:digdag-server
(Maven)
Feb 14, 2024
CrateDB database has an arbitrary file read vulnerability
Moderate
CVE-2024-24565
was published
for
io.crate:crate
(Maven)
Jan 30, 2024
Path traversal vulnerability in Jenkins Matrix Project Plugin
Moderate
CVE-2024-23900
was published
for
org.jenkins-ci.plugins:matrix-project
(Maven)
Jan 24, 2024
Apache Shiro vulnerable to path traversal
Moderate
CVE-2023-46749
was published
for
org.apache.shiro:shiro-core
(Maven)
Jan 15, 2024
Directory Traversal in jeecg-boot
Moderate
CVE-2023-47467
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Nov 22, 2023
Jenkins CloudBees CD Plugin vulnerable to arbitrary file read
Moderate
CVE-2023-46655
was published
for
org.jenkins-ci.plugins:electricflow
(Maven)
Oct 25, 2023
Path traversal in Jenkins Job Configuration History Plugin
Moderate
CVE-2023-41930
was published
for
org.jenkins-ci.plugins:jobConfigHistory
(Maven)
Sep 6, 2023
OpenRefine vulnerable to zip slip in project import
Moderate
CVE-2023-37476
was published
for
org.openrefine:main
(Maven)
Jul 18, 2023
Jenkins MathWorks Polyspace Plugin vulnerable to arbitrary file read
Moderate
CVE-2023-37960
was published
for
com.mathworks.polyspace.jenkins:mathworks-polyspace
(Maven)
Jul 12, 2023
Apache MINA SSHD information disclosure vulnerability
Moderate
CVE-2023-35887
was published
for
org.apache.sshd:sshd-common
(Maven)
Jul 10, 2023
hawtio vulnerable to Path Traversal
Moderate
CVE-2023-33544
was published
for
io.hawt:project
(Maven)
Jun 1, 2023
Jenkins Code Dx Plugin missing permission checks
Moderate
CVE-2023-2196
was published
for
org.jenkins-ci.plugins:codedx
(Maven)
May 16, 2023
Jenkins Sidebar Link Plugin vulnerable to Path Traversal
Moderate
CVE-2023-32985
was published
for
org.jenkins-ci.plugins:sidebar-link
(Maven)
May 16, 2023
StaticHandler disclosure of classpath resources on Windows when mounted on a wildcard route
Moderate
CVE-2023-24815
was published
for
io.vertx:vertx-web
(Maven)
Feb 10, 2023
Path Traversal In Eclipse GlassFish
Moderate
CVE-2022-2712
was published
for
org.glassfish.main.web:web
(Maven)
Jan 27, 2023
Path Traversal in Jenkins visualexpert Plugin
Moderate
CVE-2023-24455
was published
for
io.jenkins.plugins:visualexpert
(Maven)
Jan 26, 2023
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin
Moderate
CVE-2023-24449
was published
for
org.jvnet.hudson.plugins:pwauth
(Maven)
Jan 26, 2023
Apache DolphinScheduler vulnerable to Path Traversal
Moderate
CVE-2022-34662
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Nov 1, 2022
Apache DolphinScheduler vulnerable to Path Traversal
Moderate
CVE-2022-26884
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Oct 28, 2022
ProTip!
Advisories are also available from the
GraphQL API