GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,458

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,195 advisories

Filter by severity

Sort by

Least recently updated

Authenticated mail users, under specific circumstances, could add files with unsanitized content... High Unreviewed

CVE-2022-42136 was published Jan 13, 2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed

CVE-2020-15643 was published May 24, 2022

An absolute path traversal vulnerability allows a remote attacker to download any file on the... High Unreviewed

CVE-2022-25216 was published Mar 12, 2022

Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa... High Unreviewed

CVE-2022-21808 was published Mar 12, 2022

There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following... High Unreviewed

CVE-2022-21177 was published Mar 12, 2022

Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File... High Unreviewed

CVE-2021-45010 was published Mar 16, 2022

The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports... High Unreviewed

CVE-2022-22771 was published Mar 16, 2022

When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... High Unreviewed

CVE-2022-25249 was published Mar 17, 2022

Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x... High Unreviewed

CVE-2022-26500 was published Mar 18, 2022

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon,... High Unreviewed

CVE-2011-0497 was published May 17, 2022

Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla!... High Unreviewed

CVE-2010-4719 was published May 17, 2022

BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal... High Unreviewed

CVE-2022-23347 was published Mar 22, 2022

An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as... High Unreviewed

CVE-2021-45968 was published Mar 19, 2022

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths... High Unreviewed

CVE-2021-27473 was published Mar 24, 2022

The parsing mechanism that processes certain file types does not provide input sanitization for... High Unreviewed

CVE-2021-27471 was published Mar 24, 2022

Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal ... High Unreviewed

CVE-2022-25267 was published Mar 25, 2022

Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP Server does... High Unreviewed

CVE-2021-44124 was published Mar 29, 2022

The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as... High Unreviewed

CVE-2021-24962 was published Mar 29, 2022

Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly... High Unreviewed

CVE-2010-4154 was published May 17, 2022

Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP... High Unreviewed

CVE-2010-4153 was published May 17, 2022

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal... High Unreviewed

CVE-2022-25347 was published Mar 30, 2022

The default configuration of the PJL Access value in the File System External Access settings on... High Unreviewed

CVE-2010-4107 was published May 17, 2022

Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP... High Unreviewed

CVE-2010-4148 was published May 17, 2022

Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3... High Unreviewed

CVE-2010-3426 was published May 17, 2022

An attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits... High Unreviewed

CVE-2021-32949 was published Apr 3, 2022

Previous 1 2 3 4 5 … 87 88 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,195 advisories