Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,265 advisories

Loading
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. Moderate Unreviewed
CVE-2022-26276 was published Mar 13, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Moderate Unreviewed
CVE-2021-42857 was published Mar 11, 2022
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions... Moderate Unreviewed
CVE-2022-21132 was published Mar 11, 2022
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and... Moderate Unreviewed
CVE-2022-26484 was published Mar 5, 2022
Multiple relative path traversal vulnerabilities [CWE-23] in FortiWLM management interface 8.6.2... Moderate Unreviewed
CVE-2021-43070 was published Mar 3, 2022
The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high... Moderate Unreviewed
CVE-2021-24689 was published Mar 1, 2022
The Cost Calculator WordPress plugin through 1.4 allows users with a role as low as Contributor... Moderate Unreviewed
CVE-2021-24820 was published Mar 1, 2022
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified... Moderate Unreviewed
CVE-2022-26315 was published Mar 1, 2022
IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path... Moderate Unreviewed
CVE-2022-22349 was published Feb 25, 2022
There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the... Moderate Unreviewed
CVE-2022-23135 was published Feb 25, 2022
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when... Moderate Unreviewed
CVE-2021-44665 was published Feb 25, 2022
"Sametime Android PathTraversal Vulnerability" Moderate Unreviewed
CVE-2021-27753 was published Feb 22, 2022
"Sametime Android potential path traversal vulnerability when using File class" Moderate Unreviewed
CVE-2021-27755 was published Feb 22, 2022
A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers... Moderate Unreviewed
CVE-2021-40841 was published Feb 19, 2022
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0... Moderate Unreviewed
CVE-2022-25358 was published Feb 19, 2022
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of... Moderate Unreviewed
CVE-2021-37196 was published Feb 10, 2022
Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2)... Moderate Unreviewed
CVE-2021-45286 was published Feb 10, 2022
Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar... Moderate Unreviewed
CVE-2021-29398 was published Feb 9, 2022
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2022-22679 was published Feb 8, 2022
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. Moderate Unreviewed
CVE-2021-46203 was published Jan 20, 2022
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal... Moderate Unreviewed
CVE-2021-41551 was published Jan 19, 2022
ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate... Moderate Unreviewed
CVE-2022-22054 was published Jan 15, 2022
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files. Moderate Unreviewed
CVE-2021-28376 was published Jan 13, 2022
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files. Moderate Unreviewed
CVE-2021-28377 was published Jan 13, 2022
The CaasKit module has a path traversal vulnerability. Successful exploitation of this... Moderate Unreviewed
CVE-2021-40001 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API