GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,785
Erlang: 36
GitHub Actions: 29
Go: 2,358
Maven: 5,000+
npm: 3,979
NuGet: 720
pip: 3,777
Pub: 12
RubyGems: 924
Rust: 981
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
3,021 advisories

The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper...
High | Unreviewed | CVE-2017-11511 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High | Unreviewed | CVE-2017-10940 was published May 13, 2022

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains...
High | Unreviewed | CVE-2017-15276 was published May 17, 2022

The Smush Image Compression and Optimization plugin before 2.7.6 for WordPress allows directory...
High | Unreviewed | CVE-2017-15079 was published May 17, 2022

Directory traversal vulnerability in Cybele Software Thinfinity Remote Desktop Workstation 3.0.0...
High | Unreviewed | CVE-2015-1429 was published May 13, 2022

A directory traversal vulnerability in HPE BSM Platform Application Performance Management System...
High | Unreviewed | CVE-2017-13982 was published May 17, 2022

Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change...
High | Unreviewed | CVE-2017-14849 was published May 13, 2022

Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip...
High | Unreviewed | CVE-2017-14719 was published May 17, 2022

Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component...
High | Unreviewed | CVE-2017-14722 was published May 17, 2022

Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows...
High | Unreviewed | CVE-2015-4074 was published May 17, 2022

A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The...
High | Unreviewed | CVE-2017-13996 was published May 13, 2022

Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to...
High | Unreviewed | CVE-2014-5301 was published May 14, 2022

Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. phpGrid before 7.2.5...
High | Unreviewed | CVE-2017-10665 was published May 17, 2022

Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7...
High | Unreviewed | CVE-2017-11152 was published May 13, 2022

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows...
High | Unreviewed | CVE-2011-5325 was published May 13, 2022

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL...
High | Unreviewed | CVE-2017-7442 was published May 13, 2022

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release...
High | Unreviewed | CVE-2017-8033 was published May 13, 2022

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and...
High | Unreviewed | CVE-2017-1000028 was published May 14, 2022

A directory traversal vulnerability exists in MetInfo 5.3.17. A remote attacker can use ..\ to...
High | Unreviewed | CVE-2017-11500 was published May 13, 2022

Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../...
High | Unreviewed | CVE-2017-10974 was published May 17, 2022

Directory traversal vulnerability in Spiffy before 5.4.
High | Unreviewed | CVE-2015-8235 was published May 14, 2022

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with...
High | Unreviewed | CVE-2017-8841 was published May 17, 2022

A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an...
High | Unreviewed | CVE-2017-6652 was published May 17, 2022

Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3...
High | Unreviewed | CVE-2017-9024 was published May 13, 2022

In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has...
High | Unreviewed | CVE-2017-8921 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API