GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
359 advisories
GitPython blind local file inclusion
Moderate
CVE-2023-41040
was published
for
GitPython
(pip)
Aug 30, 2023
Ghost vulnerable to arbitrary file read via symlinks in content import
Moderate
CVE-2023-40028
was published
for
ghost
(npm)
Aug 15, 2023
Pimcore Path Traversal Vulnerability in AssetController:importServerFilesAction
Moderate
CVE-2023-38708
was published
for
pimcore/pimcore
(Composer)
Aug 3, 2023
@simonsmith/cypress-image-snapshothas fix for insecure snapshot file names
Moderate
CVE-2023-38695
was published
for
@simonsmith/cypress-image-snapshot
(npm)
Aug 1, 2023
OpenRefine vulnerable to zip slip in project import
Moderate
CVE-2023-37476
was published
for
org.openrefine:main
(Maven)
Jul 18, 2023
Apache MINA SSHD information disclosure vulnerability
Moderate
CVE-2023-35887
was published
for
org.apache.sshd:sshd-common
(Maven)
Jul 10, 2023
Arbitrary file read using percent-encoded relative paths in FileMiddleware
Moderate
CVE-2020-15230
was published
for
github.com/vapor/vapor
(Swift)
Jun 9, 2023
Starlette has Path Traversal vulnerability in StaticFiles
Moderate
CVE-2023-29159
was published
for
starlette
(pip)
May 17, 2023
n8n Directory Traversal vulnerability
Moderate
CVE-2023-27562
was published
for
n8n
(npm)
May 10, 2023
Path Traversal in Asset "import from server" option
Moderate
CVE-2023-2336
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
Moderate
CVE-2022-23522
was published
for
mindsdb
(pip)
Mar 30, 2023
ProTip!
Advisories are also available from the
GraphQL API