GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,275
Composer 4,356
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,297
npm 3,782
NuGet 683
pip 3,460
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,070

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

718 advisories

Filter by severity

Sort by

Least recently updated

Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation... Critical Unreviewed

CVE-2019-7105 was published May 24, 2022

Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing... Critical Unreviewed

CVE-2019-12277 was published May 24, 2022

An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the... Critical Unreviewed

CVE-2019-11231 was published May 24, 2022

An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4... Critical Unreviewed

CVE-2018-6885 was published May 24, 2022

Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The... Critical Unreviewed

CVE-2015-9287 was published May 24, 2022

A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of... Critical Unreviewed

CVE-2018-16716 was published May 24, 2022

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL... Critical Unreviewed

CVE-2014-4650 was published May 17, 2022

Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision... Critical Unreviewed

CVE-2014-8741 was published May 17, 2022

The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory... Critical Unreviewed

CVE-2014-10390 was published May 17, 2022

Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component Critical

CVE-2016-1505 was published for Radicale (pip) May 17, 2022

Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x... Critical Unreviewed

CVE-2016-4532 was published May 17, 2022

Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read... Critical Unreviewed

CVE-2016-6138 was published May 17, 2022

Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified... Critical Unreviewed

CVE-2016-6517 was published May 17, 2022

Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to... Critical Unreviewed

CVE-2014-8704 was published May 17, 2022

On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a... Critical Unreviewed

CVE-2016-7552 was published May 17, 2022

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a... Critical Unreviewed

CVE-2017-7462 was published May 17, 2022

A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index... Critical Unreviewed

CVE-2017-8297 was published May 17, 2022

dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not... Critical Unreviewed

CVE-2017-8283 was published May 17, 2022

Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote... Critical Unreviewed

CVE-2015-5609 was published May 17, 2022

Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote... Critical Unreviewed

CVE-2015-5473 was published May 17, 2022

In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices... Critical Unreviewed

CVE-2017-9097 was published May 17, 2022

ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension... Critical Unreviewed

CVE-2017-1000002 was published May 17, 2022

Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution... Critical Unreviewed

CVE-2017-11389 was published May 17, 2022

Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks... Critical Unreviewed

CVE-2015-0781 was published May 17, 2022

SaltStack Salt Directory traversal vulnerability in minion id validation Critical

CVE-2017-12791 was published for salt (pip) May 17, 2022

Previous 1 2 … 20 21 22 23 24 … 28 29 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

718 advisories