Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,440
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

709 advisories

Loading
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An... Critical Unreviewed
CVE-2021-42013 was published May 24, 2022
Projectsend version r1295 is affected by a directory traversal vulnerability. Because of lacking... Critical Unreviewed
CVE-2021-40887 was published May 24, 2022
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2... Critical Unreviewed
CVE-2021-38454 was published May 24, 2022
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2... Critical Unreviewed
CVE-2021-38452 was published May 24, 2022
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected... Critical Unreviewed
CVE-2021-33724 was published May 24, 2022
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected... Critical Unreviewed
CVE-2021-33725 was published May 24, 2022
An arbitrary file upload and directory traversal vulnerability exists in the file upload... Critical Unreviewed
CVE-2021-20125 was published May 24, 2022
The CivetWeb web library does not validate uploaded filepaths when running on an OS other than... Critical Unreviewed
CVE-2020-27304 was published May 24, 2022
Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for... Critical Unreviewed
CVE-2021-40371 was published May 24, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2021-3823 was published May 24, 2022
A remote unauthenticated directory traversal security vulnerability has been identified in HPE... Critical Unreviewed
CVE-2021-29212 was published May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21690 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21692 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21686 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault westonsteimel
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS... Critical Unreviewed
CVE-2021-40358 was published May 24, 2022
The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when... Critical Unreviewed
CVE-2021-34422 was published May 24, 2022
A directory traversal issue in ResourceSpace 9.6 before 9.6 rev 18277 allows remote... Critical Unreviewed
CVE-2021-41950 was published May 24, 2022
Linear eMerge 50P/5000P devices allow Cookie Path Traversal. Critical Unreviewed
CVE-2019-7267 was published May 24, 2022
gitjacker arbitrary code execution Critical
CVE-2021-29417 was published for github.com/liamg/gitjacker (Go) May 24, 2022
ZipSlip vulnerability in bblfshd Critical Unreviewed
CVE-2021-32825 was published May 24, 2022
In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote... Critical Unreviewed
CVE-2021-34436 was published May 24, 2022
The R programming language’s default package manager CRAN is affected by a path traversal... Critical Unreviewed
CVE-2020-27637 was published May 24, 2022
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20... Critical Unreviewed
CVE-2022-1664 was published May 27, 2022
An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted... Critical Unreviewed
CVE-2022-28945 was published Jun 3, 2022
In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file... Critical Unreviewed
CVE-2022-32270 was published Jun 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database