GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
598 advisories
** DISPUTED ** TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a...
Critical, Unreviewed. CVE-2021-35958 was published May 24, 2022.

SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal...
Critical, Unreviewed. CVE-2021-31272 was published May 24, 2022.

An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a...
Critical, Unreviewed. CVE-2021-33576 was published May 24, 2022.

A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13...
Critical, Unreviewed. CVE-2021-24035 was published May 24, 2022.

MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and...
Critical, Unreviewed. CVE-2020-20907 was published May 24, 2022.

An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0. Administration...
Critical, Unreviewed. CVE-2020-36364 was published May 24, 2022.

Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary...
Critical, Unreviewed. CVE-2020-18178 was published May 24, 2022.

Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands...
Critical, Unreviewed. CVE-2020-18070 was published May 24, 2022.

Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory...
Critical, Unreviewed. CVE-2021-28959 was published May 24, 2022.

A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <=...
Critical, Unreviewed. CVE-2021-20090 was published May 24, 2022.

Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a...
Critical, Unreviewed. CVE-2020-17564 was published May 24, 2022.

Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a...
Critical, Unreviewed. CVE-2020-17563 was published May 24, 2022.

AnySupport (Remote support solution) before 2019.3.21.0 allows directory traversing because of...
Critical, Unreviewed. CVE-2020-7861 was published May 24, 2022.

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Critical, Unreviewed. CVE-2021-22720 was published May 24, 2022.

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Critical, Unreviewed. CVE-2021-22718 was published May 24, 2022.

Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service...
Critical, Unreviewed. CVE-2021-20078 was published May 24, 2022.

The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow...
Critical, Unreviewed. CVE-2021-26714 was published May 24, 2022.

An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when...
Critical, Unreviewed. CVE-2021-26293 was published May 24, 2022.

The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server...
Critical, Unreviewed. CVE-2021-21972 was published May 24, 2022.

Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to...
Critical, Unreviewed. CVE-2021-20651 was published May 24, 2022.

A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager...
Critical, Unreviewed. CVE-2021-25140 was published May 24, 2022.

condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the...
Critical, Unreviewed. CVE-2021-25311 was published May 24, 2022.

Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server...
Critical, Unreviewed. CVE-2021-3199 was published May 24, 2022.

A directory traversal vulnerability in file upload function of Gotenberg through 6.2.1 allows an...
Critical, Unreviewed. CVE-2020-13450 was published May 24, 2022.

Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 allows remote attackers to...
Critical, Unreviewed. CVE-2020-36052 was published May 24, 2022.

ProTip! Advisories are also available from the GraphQL API.