Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

594 advisories

Loading
Power-Response before 2019-02-02 allows directory traversal (up to the application's main... Critical Unreviewed
CVE-2019-15519 was published May 24, 2022
The insert-pages plugin before 3.2.4 for WordPress has directory traversal via custom template... Critical Unreviewed
CVE-2017-18586 was published May 24, 2022
An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vulnerability in the... Critical Unreviewed
CVE-2019-12479 was published May 24, 2022
The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache... Critical Unreviewed
CVE-2019-13635 was published May 24, 2022
zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell.... Critical Unreviewed
CVE-2019-1010151 was published May 24, 2022
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory... Critical Unreviewed
CVE-2019-12990 was published May 24, 2022
Linear eMerge E3-Series devices allow Directory Traversal. Critical Unreviewed
CVE-2019-7253 was published May 24, 2022
A path traversal flaw was found in spacewalk-proxy, all versions through 2.8, in the way the... Critical Unreviewed
CVE-2019-10137 was published May 24, 2022
In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack... Critical Unreviewed
CVE-2019-10985 was published May 24, 2022
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server... Critical Unreviewed
CVE-2019-12146 was published May 24, 2022
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1.... Critical Unreviewed
CVE-2019-12144 was published May 24, 2022
An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. An unauthenticated... Critical Unreviewed
CVE-2019-8385 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)... Critical Unreviewed
CVE-2019-5356 was published May 24, 2022
ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory... Critical Unreviewed
CVE-2019-12310 was published May 24, 2022
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices... Critical Unreviewed
CVE-2019-9106 was published May 24, 2022
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS... Critical Unreviewed
CVE-2019-12314 was published May 24, 2022
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code... Critical Unreviewed
CVE-2016-10759 was published May 24, 2022
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation... Critical Unreviewed
CVE-2019-7105 was published May 24, 2022
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation... Critical Unreviewed
CVE-2019-7106 was published May 24, 2022
Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing... Critical Unreviewed
CVE-2019-12277 was published May 24, 2022
An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the... Critical Unreviewed
CVE-2019-11231 was published May 24, 2022
An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4... Critical Unreviewed
CVE-2018-6885 was published May 24, 2022
Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The... Critical Unreviewed
CVE-2015-9287 was published May 24, 2022
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of... Critical Unreviewed
CVE-2018-16716 was published May 24, 2022
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL... Critical Unreviewed
CVE-2014-4650 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database