GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
2,610 advisories
Improper Limitation of a Pathname to a Restricted Directory in JBoss Undertow
Moderate | CVE-2014-7816 was published for io.undertow:undertow-core (Maven) | May 17, 2022

The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1)...
Moderate | Unreviewed | CVE-2020-11738 was published | May 24, 2022

Improper Limitation of a Pathname to a Restricted Directory in Zip4j
Moderate | CVE-2018-1002202 was published for net.lingala.zip4j:zip4j (Maven) | May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
Moderate | CVE-2015-3337 was published for org.elasticsearch:elasticsearch (Maven) | May 17, 2022

Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin
Moderate | CVE-2019-10436 was published for org.jenkins-ci.plugins:google-oauth-plugin (Maven) | May 24, 2022

Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows...
Moderate | Unreviewed | CVE-2022-36831 was published | Aug 6, 2022

Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and...
Moderate | Unreviewed | CVE-2010-2507 was published | May 17, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000....
Moderate | Unreviewed | CVE-2020-25248 was published | May 24, 2022

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions...
Moderate | Unreviewed | CVE-2022-4031 was published | Nov 29, 2022

In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting...
Moderate | Unreviewed | CVE-2020-35176 was published | May 24, 2022

Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow...
Moderate | Unreviewed | CVE-2020-13886 was published | May 24, 2022

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might...
Moderate | Unreviewed | CVE-2010-2676 was published | May 17, 2022

Directory traversal vulnerability in scr/soustab.php in openMairie openComInterne 1.01, when...
Moderate | Unreviewed | CVE-2010-1936 was published | May 17, 2022

Directory traversal vulnerability in scr/soustab.php in openMairie openPlanning 1.00, when...
Moderate | Unreviewed | CVE-2010-1928 was published | May 17, 2022

Directory traversal vulnerability in scr/soustab.php in openMairie Openpresse 1.01, when...
Moderate | Unreviewed | CVE-2010-1935 was published | May 17, 2022

Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla!...
Moderate | Unreviewed | CVE-2010-1722 was published | May 17, 2022

Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam)...
Moderate | Unreviewed | CVE-2010-1715 was published | May 17, 2022

Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for...
Moderate | Unreviewed | CVE-2010-1858 was published | May 17, 2022

Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem...
Moderate | Unreviewed | CVE-2010-2307 was published | May 17, 2022

Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS...
Moderate | Unreviewed | CVE-2010-2313 was published | May 17, 2022

Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers...
Moderate | Unreviewed | CVE-2010-2138 was published | May 17, 2022

Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder)...
Moderate | Unreviewed | CVE-2010-2680 was published | May 17, 2022

Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled,...
Moderate | Unreviewed | CVE-2010-1710 was published | May 17, 2022

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability...
Moderate | Unreviewed | CVE-2020-24368 was published | May 24, 2022

Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow...
Moderate | Unreviewed | CVE-2010-2456 was published | May 17, 2022
ProTip! Advisories are also available from the GraphQL API.