GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,680

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

598 advisories

Filter by severity

Sort by

Least recently updated

Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The... Critical Unreviewed

CVE-2015-9287 was published May 24, 2022

A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of... Critical Unreviewed

CVE-2018-16716 was published May 24, 2022

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL... Critical Unreviewed

CVE-2014-4650 was published May 17, 2022

Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision... Critical Unreviewed

CVE-2014-8741 was published May 17, 2022

The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory... Critical Unreviewed

CVE-2014-10390 was published May 17, 2022

Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x... Critical Unreviewed

CVE-2016-4532 was published May 17, 2022

Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read... Critical Unreviewed

CVE-2016-6138 was published May 17, 2022

Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified... Critical Unreviewed

CVE-2016-6517 was published May 17, 2022

Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to... Critical Unreviewed

CVE-2014-8704 was published May 17, 2022

On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a... Critical Unreviewed

CVE-2016-7552 was published May 17, 2022

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a... Critical Unreviewed

CVE-2017-7462 was published May 17, 2022

A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index... Critical Unreviewed

CVE-2017-8297 was published May 17, 2022

dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not... Critical Unreviewed

CVE-2017-8283 was published May 17, 2022

Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote... Critical Unreviewed

CVE-2015-5609 was published May 17, 2022

Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote... Critical Unreviewed

CVE-2015-5473 was published May 17, 2022

In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices... Critical Unreviewed

CVE-2017-9097 was published May 17, 2022

ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension... Critical Unreviewed

CVE-2017-1000002 was published May 17, 2022

Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution... Critical Unreviewed

CVE-2017-11389 was published May 17, 2022

Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks... Critical Unreviewed

CVE-2015-0781 was published May 17, 2022

D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a... Critical Unreviewed

CVE-2017-12943 was published May 17, 2022

A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion... Critical Unreviewed

CVE-2017-7974 was published May 17, 2022

The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability... Critical Unreviewed

CVE-2017-9031 was published May 17, 2022

Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary... Critical Unreviewed

CVE-2014-3702 was published May 17, 2022

Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote... Critical Unreviewed

CVE-2017-8805 was published May 17, 2022

A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow... Critical Unreviewed

CVE-2017-9367 was published May 17, 2022

Previous 1 2 … 17 18 19 20 21 22 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

598 advisories