Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,048 advisories

Loading
Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File... High Unreviewed
CVE-2021-45010 was published Mar 16, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows... High Unreviewed
CVE-2022-25249 was published Mar 17, 2022
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x... High Unreviewed
CVE-2022-26500 was published Mar 18, 2022
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon,... High Unreviewed
CVE-2011-0497 was published May 17, 2022
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla!... High Unreviewed
CVE-2010-4719 was published May 17, 2022
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Tempfile on Windows path traversal vulnerability High
CVE-2021-28966 was published for tmpdir (RubyGems) May 6, 2021
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal... High Unreviewed
CVE-2022-23347 was published Mar 22, 2022
An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as... High Unreviewed
CVE-2021-45968 was published Mar 19, 2022
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths... High Unreviewed
CVE-2021-27473 was published Mar 24, 2022
The parsing mechanism that processes certain file types does not provide input sanitization for... High Unreviewed
CVE-2021-27471 was published Mar 24, 2022
Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server High
CVE-2022-24730 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt jessesuen
Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal ... High Unreviewed
CVE-2022-25267 was published Mar 25, 2022
Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP Server does... High Unreviewed
CVE-2021-44124 was published Mar 29, 2022
Path Traversal in ImpressCMS High
CVE-2021-26601 was published for impresscms/impresscms (Composer) Mar 29, 2022
The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as... High Unreviewed
CVE-2021-24962 was published Mar 29, 2022
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly... High Unreviewed
CVE-2010-4154 was published May 17, 2022
Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP... High Unreviewed
CVE-2010-4153 was published May 17, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal... High Unreviewed
CVE-2022-25347 was published Mar 30, 2022
The default configuration of the PJL Access value in the File System External Access settings on... High Unreviewed
CVE-2010-4107 was published May 17, 2022
Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3... High Unreviewed
CVE-2010-3426 was published May 17, 2022
Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP... High Unreviewed
CVE-2010-4148 was published May 17, 2022
An attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits... High Unreviewed
CVE-2021-32949 was published Apr 3, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 uses external input to construct a... High Unreviewed
CVE-2021-32981 was published Apr 5, 2022
Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to... High Unreviewed
CVE-2022-26233 was published Apr 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database