GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,319
Erlang: 31
GitHub Actions: 21
Go: 2,077
Maven: 5,000+
npm: 3,746
NuGet: 674
pip: 3,435
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+

6,375 advisories

The String locator WordPress plugin before 2.5.0 does not properly validate the path of the files...
Moderate | Unreviewed | CVE-2022-0493 was published Mar 29, 2022

Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP...
High | Unreviewed | CVE-2010-4153 was published May 17, 2022

Directory traversal vulnerability in the Music Manager component for Joomla! allows remote...
Moderate | Unreviewed | CVE-2010-2857 was published May 17, 2022

Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files...
Moderate | Unreviewed | CVE-2010-4181 was published May 17, 2022

Directory traversal vulnerability in QuickShare 1.0 allows remote attackers to read arbitrary...
Moderate | Unreviewed | CVE-2010-3488 was published May 17, 2022

The default configuration of the PJL Access value in the File System External Access settings on...
High | Unreviewed | CVE-2010-4107 was published May 17, 2022

Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows...
Moderate | Unreviewed | CVE-2010-3460 was published May 17, 2022

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal...
High | Unreviewed | CVE-2022-25347 was published Mar 30, 2022

Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to...
Moderate | Unreviewed | CVE-2015-5766 was published May 17, 2022

Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote...
Moderate | Unreviewed | CVE-2010-3486 was published May 17, 2022

Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc...
Moderate | Unreviewed | CVE-2010-3480 was published May 17, 2022

Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3...
High | Unreviewed | CVE-2010-3426 was published May 17, 2022

Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP...
High | Unreviewed | CVE-2010-4148 was published May 17, 2022

Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate...
Moderate | Unreviewed | CVE-2010-3606 was published May 17, 2022

Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0...
Moderate | Unreviewed | CVE-2010-3456 was published May 17, 2022

An Archive Extraction (AKA "Zip Slip") vulnerability exists in bbs 5.3 in the UpgradeNow function...
Moderate | Unreviewed | CVE-2021-43099 was published Mar 30, 2022

An attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits...
High | Unreviewed | CVE-2021-32949 was published Apr 3, 2022

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/...
Moderate | Unreviewed | CVE-2022-1166 was published Apr 5, 2022

AVEVA System Platform versions 2017 through 2020 R2 P01 uses external input to construct a...
High | Unreviewed | CVE-2021-32981 was published Apr 5, 2022

Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to...
High | Unreviewed | CVE-2022-26233 was published Apr 5, 2022

aEnrich a+HRD has inadequate filtering for special characters in URLs. An unauthenticated remote...
High | Unreviewed | CVE-2022-26675 was published Apr 8, 2022

ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient...
High | Unreviewed | CVE-2022-23971 was published Apr 8, 2022

Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via...
High | Unreviewed | CVE-2021-30497 was published Apr 7, 2022

The rc-httpd component through 2022-03-31 for 9front (Plan 9 fork) allows ..%2f directory...
High | Unreviewed | CVE-2022-28380 was published Apr 4, 2022

Path traversal in Hadoop
Critical | CVE-2022-26612 was published for org.apache.hadoop:hadoop-common (Maven) Apr 8, 2022

ProTip! Advisories are also available from the GraphQL API.