GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,610 advisories

Filter by severity

Sort by

Least recently updated

Improper Limitation of a Pathname to a Restricted Directory in JBoss Undertow Moderate

CVE-2014-7816 was published for io.undertow:undertow-core (Maven) May 17, 2022

The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1)... Moderate Unreviewed

CVE-2020-11738 was published May 24, 2022

Improper Limitation of a Pathname to a Restricted Directory in Zip4j Moderate

CVE-2018-1002202 was published for net.lingala.zip4j:zip4j (Maven) May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch Moderate

CVE-2015-3337 was published for org.elasticsearch:elasticsearch (Maven) May 17, 2022

Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin Moderate

CVE-2019-10436 was published for org.jenkins-ci.plugins:google-oauth-plugin (Maven) May 24, 2022

Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows... Moderate Unreviewed

CVE-2022-36831 was published Aug 6, 2022

Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and... Moderate Unreviewed

CVE-2010-2507 was published May 17, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000.... Moderate Unreviewed

CVE-2020-25248 was published May 24, 2022

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions... Moderate Unreviewed

CVE-2022-4031 was published Nov 29, 2022

In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting... Moderate Unreviewed

CVE-2020-35176 was published May 24, 2022

Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow... Moderate Unreviewed

CVE-2020-13886 was published May 24, 2022

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might... Moderate Unreviewed

CVE-2010-2676 was published May 17, 2022

Directory traversal vulnerability in scr/soustab.php in openMairie openComInterne 1.01, when... Moderate Unreviewed

CVE-2010-1936 was published May 17, 2022

Directory traversal vulnerability in scr/soustab.php in openMairie openPlanning 1.00, when... Moderate Unreviewed

CVE-2010-1928 was published May 17, 2022

Directory traversal vulnerability in scr/soustab.php in openMairie Openpresse 1.01, when... Moderate Unreviewed

CVE-2010-1935 was published May 17, 2022

Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla!... Moderate Unreviewed

CVE-2010-1722 was published May 17, 2022

Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam)... Moderate Unreviewed

CVE-2010-1715 was published May 17, 2022

Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for... Moderate Unreviewed

CVE-2010-1858 was published May 17, 2022

Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem... Moderate Unreviewed

CVE-2010-2307 was published May 17, 2022

Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS... Moderate Unreviewed

CVE-2010-2313 was published May 17, 2022

Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers... Moderate Unreviewed

CVE-2010-2138 was published May 17, 2022

Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder)... Moderate Unreviewed

CVE-2010-2680 was published May 17, 2022

Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled,... Moderate Unreviewed

CVE-2010-1710 was published May 17, 2022

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability... Moderate Unreviewed

CVE-2020-24368 was published May 24, 2022

Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow... Moderate Unreviewed

CVE-2010-2456 was published May 17, 2022

Previous 1 2 3 4 5 6 … 104 105 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,610 advisories