Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

117 advisories

Loading
Arbitrary File Write in cli Low
CVE-2016-10538 was published for cli (npm) Feb 18, 2019
Directory Traversal in send Low
CVE-2014-6394 was published for send (npm) Oct 24, 2017
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request Low
CVE-2020-15239 was published for xmpp-http-upload (pip) Oct 6, 2020
ChristianTacke
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other... Low Unreviewed
CVE-2020-36314 was published May 24, 2022
Path Traversal in XWiki Platform Low
CVE-2022-29253 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 1, 2022
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users... Low Unreviewed
CVE-2014-8737 was published May 17, 2022
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to... Low Unreviewed
CVE-2022-33690 was published Jul 13, 2022
Directory traversal vulnerability in Backup in Apple iOS before 8.3 allows attackers to read... Low Unreviewed
CVE-2015-1087 was published May 17, 2022
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects. Low Unreviewed
CVE-2020-10977 was published May 24, 2022
Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote... Low Unreviewed
CVE-2015-1807 was published May 17, 2022
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2... Low Unreviewed
CVE-2013-6177 was published May 17, 2022
Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid... Low Unreviewed
CVE-2015-0933 was published May 17, 2022
Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for... Low Unreviewed
CVE-2014-9461 was published May 17, 2022
Path traversal in Jenkins Mercurial Plugin Low
CVE-2022-30948 was published for org.jenkins-ci.plugins:mercurial (Maven) May 18, 2022
NotMyFault
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite... Low Unreviewed
CVE-2012-6607 was published May 17, 2022
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote... Low Unreviewed
CVE-2013-5219 was published May 17, 2022
Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98... Low Unreviewed
CVE-2010-2322 was published May 17, 2022
Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for... Low Unreviewed
CVE-2012-3380 was published May 17, 2022
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and... Low Unreviewed
CVE-2019-0074 was published May 24, 2022
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2022-27621 was published Aug 4, 2022
A directory traversal vulnerability was discovered in Wuzhicms 4.1.0. via /coreframe/app... Low Unreviewed
CVE-2022-36168 was published Aug 27, 2022
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during... Low Unreviewed
CVE-2020-11736 was published May 24, 2022
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of... Low Unreviewed
CVE-2020-12392 was published May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as... Low Unreviewed
CVE-2022-4773 was published Dec 28, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the... Low Unreviewed
CVE-2021-43264 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database