Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,057
Maven
5,000+
npm
3,742
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

703 advisories

Loading
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index... Critical Unreviewed
CVE-2017-8297 was published May 17, 2022
Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a... Critical Unreviewed
CVE-2017-7462 was published May 17, 2022
On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a... Critical Unreviewed
CVE-2016-7552 was published May 17, 2022
Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to... Critical Unreviewed
CVE-2014-8704 was published May 17, 2022
Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified... Critical Unreviewed
CVE-2016-6517 was published May 17, 2022
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read... Critical Unreviewed
CVE-2016-6138 was published May 17, 2022
Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x... Critical Unreviewed
CVE-2016-4532 was published May 17, 2022
Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component Critical
CVE-2016-1505 was published for Radicale (pip) May 17, 2022
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory... Critical Unreviewed
CVE-2014-10390 was published May 17, 2022
Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision... Critical Unreviewed
CVE-2014-8741 was published May 17, 2022
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL... Critical Unreviewed
CVE-2014-4650 was published May 17, 2022
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of... Critical Unreviewed
CVE-2018-16716 was published May 24, 2022
Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The... Critical Unreviewed
CVE-2015-9287 was published May 24, 2022
An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4... Critical Unreviewed
CVE-2018-6885 was published May 24, 2022
An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the... Critical Unreviewed
CVE-2019-11231 was published May 24, 2022
Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing... Critical Unreviewed
CVE-2019-12277 was published May 24, 2022
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation... Critical Unreviewed
CVE-2019-7105 was published May 24, 2022
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation... Critical Unreviewed
CVE-2019-7106 was published May 24, 2022
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code... Critical Unreviewed
CVE-2016-10759 was published May 24, 2022
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS... Critical Unreviewed
CVE-2019-12314 was published May 24, 2022
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices... Critical Unreviewed
CVE-2019-9106 was published May 24, 2022
ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory... Critical Unreviewed
CVE-2019-12310 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)... Critical Unreviewed
CVE-2019-5356 was published May 24, 2022
An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. An unauthenticated... Critical Unreviewed
CVE-2019-8385 was published May 24, 2022
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1.... Critical Unreviewed
CVE-2019-12144 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database