GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,987 advisories
Path traversal in Grafana Cortex
Moderate · CVE-2021-36157 was published for github.com/cortexproject/cortex (Go) on Sep 2, 2021
Directory Traversal in isomorphic-git
Moderate · CVE-2021-30483 was published for isomorphic-git (npm) on Sep 2, 2021
Path traversal in Grafana Loki
Moderate · CVE-2021-36156 was published for github.com/grafana/loki (Go) on Sep 2, 2021
Partial path traversal in sharpcompress
Moderate · CVE-2021-39208 was published for sharpcompress (NuGet) on Sep 20, 2021
Path Traversal in serve-here.js
Moderate · CVE-2019-5444 was published for serve-here.js (npm) on Sep 22, 2021
Improperly Implemented path matching for in-toto-golang
Moderate · CVE-2021-41087 was published for github.com/in-toto/in-toto-golang (Go) on Sep 22, 2021
Insufficiently restricted permissions on plugin directories
Moderate · CVE-2021-41103 was published for github.com/containerd/containerd (Go) on Oct 4, 2021
Path Traversal in @backstage/plugin-scaffolder-backend
Moderate · CVE-2021-41151 was published for @backstage/plugin-scaffolder-backend (npm) on Oct 19, 2021
It was discovered that on Windows operating systems specifically, Kibana was not validating a...
Moderate · Unreviewed · CVE-2021-37938 was published on Nov 19, 2021
OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive,...
Moderate · Unreviewed · CVE-2021-33491 was published on Nov 23, 2021
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of...
Moderate · Unreviewed · CVE-2021-37023 was published on Nov 24, 2021
NodeBB vulnerable to path traversal in translator module
Moderate · CVE-2021-43788 was published for nodebb (npm) on Nov 30, 2021
S3Scanner allows Directory Traversal
Moderate · CVE-2021-32061 was published for s3scanner (pip) on Nov 30, 2021
Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read...
Moderate · Unreviewed · CVE-2021-40858 was published on Dec 14, 2021
A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00...
Moderate · Unreviewed · CVE-2021-42022 was published on Dec 15, 2021
Path traversal when MessageBus::Diagnostics is enabled
Moderate · CVE-2021-43840 was published for message_bus (RubyGems) on Dec 17, 2021
Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete...
Moderate · Unreviewed · CVE-2021-21908 was published on Dec 23, 2021
A directory traversal vulnerability exists in the CMA CLI getenv command functionality of Garrett...
Moderate · Unreviewed · CVE-2021-21907 was published on Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FsBrowseClean functionality of...
Moderate · Unreviewed · CVE-2021-21896 was published on Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FSBrowsePage functionality of...
Moderate · Unreviewed · CVE-2021-21886 was published on Dec 23, 2021
Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession...
Moderate · Unreviewed · CVE-2021-20876 was published on Dec 25, 2021
An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability...
Moderate · Unreviewed · CVE-2021-44674 was published on Jan 4, 2022
ProTip! Advisories are also available from the GraphQL API