GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,022 advisories

Filter by severity

Sort by

Least recently updated

It was discovered that on Windows operating systems specifically, Kibana was not validating a... Moderate Unreviewed

CVE-2021-37938 was published Nov 19, 2021

Using the parameter of getPFXFolderList function, attackers can see the information of... Critical Unreviewed

CVE-2020-7882 was published Nov 23, 2021

The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote... High Unreviewed

CVE-2021-38146 was published Nov 23, 2021

OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive,... Moderate Unreviewed

CVE-2021-33491 was published Nov 23, 2021

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter... High Unreviewed

CVE-2021-24644 was published Nov 24, 2021

There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of... Moderate Unreviewed

CVE-2021-37023 was published Nov 24, 2021

An unspecified version of tripexpress is affected by a path manipulation vulnerability in file... Critical Unreviewed

CVE-2021-43691 was published Nov 30, 2021

Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote... High Unreviewed

CVE-2021-43358 was published Dec 2, 2021

** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is affected by a path manipulation... Critical Unreviewed

CVE-2021-43674 was published Dec 4, 2021

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied ... High Unreviewed

CVE-2021-43176 was published Dec 8, 2021

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-37099 was published Dec 8, 2021

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-37088 was published Dec 8, 2021

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-37087 was published Dec 8, 2021

There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei... Critical Unreviewed

CVE-2021-37064 was published Dec 8, 2021

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows... High Unreviewed

CVE-2021-25511 was published Dec 9, 2021

A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and... High Unreviewed

CVE-2021-41024 was published Dec 9, 2021

A relative path traversal vulnerability in the SMA100 upload funtion allows a remote... High Unreviewed

CVE-2021-20040 was published Dec 9, 2021

KNIME Server before 4.13.4 allows directory traversal in a request for a client profile. High Unreviewed

CVE-2021-44725 was published Dec 9, 2021

A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0... High Unreviewed

CVE-2021-41449 was published Dec 10, 2021

Zip Slip vulnerability in Pluck-CMS Pluck 4.7.15 allows an attacker to upload specially crafted... Critical Unreviewed

CVE-2021-31746 was published Dec 11, 2021

Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record... High Unreviewed

CVE-2021-44965 was published Dec 14, 2021

The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab... High Unreviewed

CVE-2021-24970 was published Dec 14, 2021

Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read... Moderate Unreviewed

CVE-2021-40858 was published Dec 14, 2021

SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path... High Unreviewed

CVE-2021-44232 was published Dec 15, 2021

The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive... High Unreviewed

CVE-2021-39312 was published Dec 15, 2021

Previous 1 2 3 4 5 … 200 201 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5,022 advisories