Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,076
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

6,375 advisories

Loading
The Images Optimize and Upload CF7 WordPress plugin through 2.1.4 does not validate the file to... Critical Unreviewed
CVE-2022-4101 was published Jan 16, 2023
Keycloak vulnerable to path traversal via double URL encoding Critical
CVE-2022-3782 was published for org.keycloak:keycloak-parent (Maven) Dec 13, 2022
Sinatra Path Traversal vulnerability Moderate
CVE-2018-7212 was published for sinatra (RubyGems) Feb 20, 2018
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions... Moderate Unreviewed
CVE-2022-21132 was published Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Critical Unreviewed
CVE-2021-42853 was published Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet... Critical Unreviewed
CVE-2021-42854 was published Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Critical Unreviewed
CVE-2021-42787 was published Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Moderate Unreviewed
CVE-2021-42857 was published Mar 11, 2022
An absolute path traversal vulnerability allows a remote attacker to download any file on the... High Unreviewed
CVE-2022-25216 was published Mar 12, 2022
Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa... High Unreviewed
CVE-2022-21808 was published Mar 12, 2022
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following... High Unreviewed
CVE-2022-21177 was published Mar 12, 2022
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. Moderate Unreviewed
CVE-2022-26276 was published Mar 13, 2022
An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private... Critical Unreviewed
CVE-2021-45887 was published Mar 14, 2022
Path Traversal in Gitea Moderate
CVE-2021-29134 was published for code.gitea.io/gitea (Go) Mar 16, 2022
The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as... Moderate Unreviewed
CVE-2021-24692 was published Mar 15, 2022
The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports... High Unreviewed
CVE-2022-22771 was published Mar 16, 2022
Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File... High Unreviewed
CVE-2021-45010 was published Mar 16, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... High Unreviewed
CVE-2022-25249 was published Mar 17, 2022
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x... High Unreviewed
CVE-2022-26500 was published Mar 18, 2022
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when... Moderate Unreviewed
CVE-2011-0518 was published May 17, 2022
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon,... High Unreviewed
CVE-2011-0497 was published May 17, 2022
Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1... Moderate Unreviewed
CVE-2011-0506 was published May 17, 2022
Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is... Moderate Unreviewed
CVE-2011-0505 was published May 17, 2022
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1... Moderate Unreviewed
CVE-2011-0494 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database