GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
2,265 advisories
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal.
Moderate
Unreviewed
CVE-2022-26276 was published Mar 13, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)...
Moderate
Unreviewed
CVE-2021-42857 was published Mar 11, 2022

Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions...
Moderate
Unreviewed
CVE-2022-21132 was published Mar 11, 2022

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and...
Moderate
Unreviewed
CVE-2022-26484 was published Mar 5, 2022

Multiple relative path traversal vulnerabilities [CWE-23] in FortiWLM management interface 8.6.2...
Moderate
Unreviewed
CVE-2021-43070 was published Mar 3, 2022

The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high...
Moderate
Unreviewed
CVE-2021-24689 was published Mar 1, 2022

The Cost Calculator WordPress plugin through 1.4 allows users with a role as low as Contributor...
Moderate
Unreviewed
CVE-2021-24820 was published Mar 1, 2022

qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified...
Moderate
Unreviewed
CVE-2022-26315 was published Mar 1, 2022

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path...
Moderate
Unreviewed
CVE-2022-22349 was published Feb 25, 2022

There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the...
Moderate
Unreviewed
CVE-2022-23135 was published Feb 25, 2022

A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when...
Moderate
Unreviewed
CVE-2021-44665 was published Feb 25, 2022

"Sametime Android PathTraversal Vulnerability"
Moderate
Unreviewed
CVE-2021-27753 was published Feb 22, 2022

"Sametime Android potential path traversal vulnerability when using File class"
Moderate
Unreviewed
CVE-2021-27755 was published Feb 22, 2022

A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers...
Moderate
Unreviewed
CVE-2021-40841 was published Feb 19, 2022

A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0...
Moderate
Unreviewed
CVE-2022-25358 was published Feb 19, 2022

A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of...
Moderate
Unreviewed
CVE-2021-37196 was published Feb 10, 2022

Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2)...
Moderate
Unreviewed
CVE-2021-45286 was published Feb 10, 2022

Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar...
Moderate
Unreviewed
CVE-2021-29398 was published Feb 9, 2022

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2022-22679 was published Feb 8, 2022

Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter.
Moderate
Unreviewed
CVE-2021-46203 was published Jan 20, 2022

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal...
Moderate
Unreviewed
CVE-2021-41551 was published Jan 19, 2022

ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate...
Moderate
Unreviewed
CVE-2022-22054 was published Jan 15, 2022

ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
Moderate
Unreviewed
CVE-2021-28376 was published Jan 13, 2022

ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
Moderate
Unreviewed
CVE-2021-28377 was published Jan 13, 2022

The CaasKit module has a path traversal vulnerability. Successful exploitation of this...
Moderate
Unreviewed
CVE-2021-40001 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API.