GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
717 advisories
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a...
Critical | Unreviewed | CVE-2021-43290 was published Apr 15, 2022

CMSimple 5.4 is vulnerable to Directory Traversal. The vulnerability exists when a user changes...
Critical | Unreviewed | CVE-2021-43741 was published Apr 14, 2022

A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Critical | Unreviewed | CVE-2021-22794 was published Apr 14, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27277 was published Apr 11, 2022

Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which...
Critical | Unreviewed | CVE-2021-36288 was published Apr 9, 2022

Path traversal in Hadoop
Critical | CVE-2022-26612 was published for org.apache.hadoop:hadoop-common (Maven) Apr 8, 2022

The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path...
Critical | Unreviewed | CVE-2022-0679 was published Mar 29, 2022

Path Traversal in Studio-42 elFinder through 2.1.60
Critical | CVE-2022-26960 was published for studio-42/elfinder (Composer) Mar 22, 2022

An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between...
Critical | Unreviewed | CVE-2021-45967 was published Mar 19, 2022

Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer...
Critical | Unreviewed | CVE-2020-25176 was published Mar 19, 2022

Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7.
Critical | Unreviewed | CVE-2022-1000 was published Mar 18, 2022

An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private...
Critical | Unreviewed | CVE-2021-45887 was published Mar 14, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)...
Critical | Unreviewed | CVE-2021-42787 was published Mar 11, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)...
Critical | Unreviewed | CVE-2021-42853 was published Mar 11, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet...
Critical | Unreviewed | CVE-2021-42854 was published Mar 11, 2022

A path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent....
Critical | Unreviewed | CVE-2021-26619 was published Feb 19, 2022

Path Traversal in ImpressCMS
Critical | CVE-2022-24977 was published for impresscms/impresscms (Composer) Feb 15, 2022

IBM Planning Analytics 2.0 and IBM Planning Analytics Workspace 2.0 DQM API allows submitting of...
Critical | Unreviewed | CVE-2021-38892 was published Feb 12, 2022

Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an...
Critical | Unreviewed | CVE-2020-14523 was published Feb 12, 2022

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that...
Critical | Unreviewed | CVE-2022-24311 was published Feb 11, 2022

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that...
Critical | Unreviewed | CVE-2022-24312 was published Feb 11, 2022

Path Traversal in Eclipse Vert
Critical | CVE-2019-17640 was published for io.vertx:vertx-web (Maven) Feb 10, 2022

Path Traversal in Crafter CMS Crafter Studio
Critical | CVE-2017-15681 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022

mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter...
Critical | Unreviewed | CVE-2022-23357 was published Feb 8, 2022