GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,259 advisories
The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote...
High
Unreviewed
CVE-2021-38146
was published
Nov 23, 2021
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter...
High
Unreviewed
CVE-2021-24644
was published
Nov 24, 2021
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote...
High
Unreviewed
CVE-2021-43358
was published
Dec 2, 2021
The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied ...
High
Unreviewed
CVE-2021-43176
was published
Dec 8, 2021
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows...
High
Unreviewed
CVE-2021-25511
was published
Dec 9, 2021
A relative path traversal [CWE-23] vulnerability in FortiOS versions 7.0.0 and 7.0.1 and...
High
Unreviewed
CVE-2021-41024
was published
Dec 9, 2021
A relative path traversal vulnerability in the SMA100 upload function allows a remote...
High
Unreviewed
CVE-2021-20040
was published
Dec 9, 2021
KNIME Server before 4.13.4 allows directory traversal in a request for a client profile.
High
Unreviewed
CVE-2021-44725
was published
Dec 9, 2021
A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0...
High
Unreviewed
CVE-2021-41449
was published
Dec 10, 2021
Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record...
High
Unreviewed
CVE-2021-44965
was published
Dec 14, 2021
The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab...
High
Unreviewed
CVE-2021-24970
was published
Dec 14, 2021
SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path...
High
Unreviewed
CVE-2021-44232
was published
Dec 15, 2021
The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive...
High
Unreviewed
CVE-2021-39312
was published
Dec 15, 2021
A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11),...
High
Unreviewed
CVE-2021-41547
was published
Dec 15, 2021
HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via...
High
Unreviewed
CVE-2021-45043
was published
Dec 16, 2021
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2021-3960
was published
Dec 17, 2021
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator...
High
Unreviewed
CVE-2021-32498
was published
Dec 18, 2021
Chain Sea ai chatbot system’s specific file download function has path traversal vulnerability....
High
Unreviewed
CVE-2021-44162
was published
Dec 21, 2021
Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log...
High
Unreviewed
CVE-2021-21909
was published
Dec 23, 2021
A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal...
High
Unreviewed
CVE-2021-21904
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix...
High
Unreviewed
CVE-2021-21895
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix...
High
Unreviewed
CVE-2021-21885
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of...
High
Unreviewed
CVE-2021-21880
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager File Upload functionality of...
High
Unreviewed
CVE-2021-21879
was published
Dec 23, 2021
Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected...
High
Unreviewed
CVE-2021-45418
was published
Dec 23, 2021
Advisories are also available from the GraphQL API.