GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,293
Erlang: 31
GitHub Actions: 21
Go: 2,061
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
703 advisories
An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory...
Critical | Unreviewed | CVE-2020-10564 was published May 24, 2022
The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path...
Critical | Unreviewed | CVE-2020-7376 was published May 24, 2022
A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and...
Critical | Unreviewed | CVE-2020-9920 was published May 24, 2022
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of...
Critical | Unreviewed | CVE-2020-27160 was published May 24, 2022
Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to...
Critical | Unreviewed | CVE-2020-12315 was published May 24, 2022
Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions...
Critical | Unreviewed | CVE-2020-8271 was published May 24, 2022
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it...
Critical | Unreviewed | CVE-2020-29600 was published May 24, 2022
SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated...
Critical | Unreviewed | CVE-2020-26837 was published May 24, 2022
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute...
Critical | Unreviewed | CVE-2020-27730 was published May 24, 2022
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote...
Critical | Unreviewed | CVE-2020-5639 was published May 24, 2022
There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands...
Critical | Unreviewed | CVE-2020-20277 was published May 24, 2022
Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote...
Critical | Unreviewed | CVE-2020-28187 was published May 24, 2022
A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6....
Critical | Unreviewed | CVE-2018-19945 was published May 24, 2022
Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 allows remote attackers to...
Critical | Unreviewed | CVE-2020-36052 was published May 24, 2022
A directory traversal vulnerability in file upload function of Gotenberg through 6.2.1 allows an...
Critical | Unreviewed | CVE-2020-13450 was published May 24, 2022
Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server...
Critical | Unreviewed | CVE-2021-3199 was published May 24, 2022
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the...
Critical | Unreviewed | CVE-2021-25311 was published May 24, 2022
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager...
Critical | Unreviewed | CVE-2021-25140 was published May 24, 2022
Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to...
Critical | Unreviewed | CVE-2021-20651 was published May 24, 2022
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server...
Critical | Unreviewed | CVE-2021-21972 was published May 24, 2022
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when...
Critical | Unreviewed | CVE-2021-26293 was published May 24, 2022
The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow...
Critical | Unreviewed | CVE-2021-26714 was published May 24, 2022
Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service...
Critical | Unreviewed | CVE-2021-20078 was published May 24, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Critical | Unreviewed | CVE-2021-22718 was published May 24, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Critical | Unreviewed | CVE-2021-22720 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.