Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

262 advisories

Loading
FitNesse Path Traversal Moderate
CVE-2024-42499 was published for org.fitnesse:fitnesse (Maven) Nov 15, 2024
Jenkins Remoting library arbitrary file read vulnerability High
CVE-2024-43044 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
Jenkins Report Info Plugin Path Traversal vulnerability Low
CVE-2024-5273 was published for org.jenkins-ci.plugins:report-info (Maven) May 24, 2024
OpenRefine has a path traversal in LoadLanguageCommand High
CVE-2024-49760 was published for org.openrefine:openrefine (Maven) Oct 24, 2024
Path traversal vulnerability in functional web frameworks High
CVE-2024-38816 was published for org.springframework:spring-webflux (Maven) Sep 13, 2024
Malayke AlexeyTsvetkov
Duplicate Advisory: Reposilite Arbitrary File Read vulnerability High
CVE-2024-36117 was published for com.reposilite:reposilite-backend (Maven) Aug 5, 2024 withdrawn
Reposilite vulnerable to path traversal while serving javadoc expanded files (arbitrary file read) (`GHSL-2024-074`) High
GHSA-82j3-hf72-7x93 was published for com.reposilite:reposilite-backend (Maven) Nov 4, 2024
artsploit
Jenkins HTML Publisher Plugin Path traversal vulnerability Moderate
CVE-2024-28151 was published for org.jenkins-ci.plugins:htmlpublisher (Maven) Mar 6, 2024
MPXJ has a Potential Path Traversal Vulnerability Moderate
CVE-2024-49771 was published for MPXJ.Net (RubyGems) Oct 28, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses Critical
CVE-2024-47883 was published for org.openrefine.dependencies:butterfly (Maven) Oct 24, 2024
Apache Linkis Zip Slip issue Critical
CVE-2023-27603 was published for org.apache.linkis:linkis (Maven) Jul 6, 2023
Absolute path traversal vulnerability in digdag server Moderate
CVE-2024-25125 was published for io.digdag:digdag-server (Maven) Feb 14, 2024
p-
Apache StreamPark Path Traversal vulnerability Critical
CVE-2022-45802 was published for org.apache.streampark:streampark-common_2.11 (Maven) Jul 6, 2023
OpenRefine JDBC Attack Vulnerability High
CVE-2024-23833 was published for org.openrefine:database (Maven) Feb 12, 2024
l0n3rs
ureport arbitrary file read vulnerability High
CVE-2023-48848 was published for com.bstek.ureport:ureport2-core (Maven) Nov 28, 2023
Path Traversal in Apache Shiro Critical
CVE-2023-34478 was published for org.apache.shiro:shiro-web (Maven) Jul 24, 2023
Jeecg boot arbitrary file read vulnerability High
CVE-2023-41578 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Sep 8, 2023
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE Critical
CVE-2024-23897 was published for org.jenkins-ci.main:jenkins-core (Maven) Jan 24, 2024
sunSUNQ
RDF4J vulnerable to zip slip High
CVE-2018-20227 was published for org.eclipse.rdf4j:rdf4j (Maven) May 14, 2022
MarkLee131
CometVisu Backend for openHAB affected by RCE through path traversal Critical
CVE-2024-42469 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024
p-
CometVisu Backend for openHAB has a path traversal vulnerability Moderate
CVE-2024-42468 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024
p- peuter
Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`) High
CVE-2024-36116 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024
artsploit
Remote code execution in Spring Cloud Data Flow Critical
CVE-2024-37084 was published for org.springframework.cloud:spring-cloud-skipper (Maven) Jul 25, 2024
Keycloak path traversal vulnerability in redirection validation High
CVE-2024-1132 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat High
CVE-2024-24749 was published for org.geoserver.web:gs-web-app (Maven) Jul 1, 2024
Kai5174 sikeoka
jodygarnett
ProTip! Advisories are also available from the GraphQL API