GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
707 advisories
On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files...
Critical | Unreviewed | CVE-2018-7539 was published May 14, 2022
A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor...
Critical | Unreviewed | CVE-2016-8205 was published May 14, 2022
An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any...
Critical | Unreviewed | CVE-2018-8712 was published May 14, 2022
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block ...
Critical | Unreviewed | CVE-2018-7442 was published May 14, 2022
A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22...
Critical | Unreviewed | CVE-2017-8947 was published May 14, 2022
An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted...
Critical | Unreviewed | CVE-2018-5997 was published May 14, 2022
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal...
Critical | Unreviewed | CVE-2017-17992 was published May 14, 2022
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal...
Critical | Unreviewed | CVE-2017-17739 was published May 14, 2022
Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary...
Critical | Unreviewed | CVE-2017-10861 was published May 17, 2022
Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving ...
Critical | Unreviewed | CVE-2017-15607 was published May 17, 2022
LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via...
Critical | Unreviewed | CVE-2017-16903 was published May 17, 2022
SaltStack Salt Directory traversal vulnerability in minion id validation
Critical | CVE-2017-14695 was published for salt (pip) May 17, 2022
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow...
Critical | Unreviewed | CVE-2017-9367 was published May 17, 2022
Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote...
Critical | Unreviewed | CVE-2017-8805 was published May 17, 2022
Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary...
Critical | Unreviewed | CVE-2014-3702 was published May 17, 2022
The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability...
Critical | Unreviewed | CVE-2017-9031 was published May 17, 2022
A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion...
Critical | Unreviewed | CVE-2017-7974 was published May 17, 2022
D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a...
Critical | Unreviewed | CVE-2017-12943 was published May 17, 2022
SaltStack Salt Directory traversal vulnerability in minion id validation
Critical | CVE-2017-12791 was published for salt (pip) May 17, 2022
Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks...
Critical | Unreviewed | CVE-2015-0781 was published May 17, 2022
Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution...
Critical | Unreviewed | CVE-2017-11389 was published May 17, 2022
ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension...
Critical | Unreviewed | CVE-2017-1000002 was published May 17, 2022
In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices...
Critical | Unreviewed | CVE-2017-9097 was published May 17, 2022
Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote...
Critical | Unreviewed | CVE-2015-5473 was published May 17, 2022
Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote...
Critical | Unreviewed | CVE-2015-5609 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.