GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,064 advisories
Path Traversal in Jenkins
High | CVE-2018-1000194 was published for org.jenkins-ci.main:jenkins-core (Maven) | May 13, 2022

Arbitrary file read in ginadmin
High | CVE-2022-30428 was published for github.com/gphper/ginadmin (Go) | May 26, 2022

Path traversal in ginadmin
High | CVE-2022-30427 was published for github.com/gphper/ginadmin (Go) | May 26, 2022

A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access...
High | Unreviewed | CVE-2021-35250 was published | Apr 26, 2022

Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP Undertow
High | CVE-2018-1048 was published for org.jboss.eap:wildfly-undertow (Maven) | May 13, 2022

The Simple:Press plugin for WordPress is vulnerable to Path Traversal in versions up to, and...
High | Unreviewed | CVE-2022-4030 was published | Nov 29, 2022

Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client
High | CVE-2021-20218 was published for io.fabric8:kubernetes-client (Maven) | May 24, 2022

BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File...
High | Unreviewed | CVE-2020-12112 was published | May 24, 2022

Onedev v7.4.14 contains a path traversal vulnerability which allows attackers to access...
High | Unreviewed | CVE-2022-38301 was published | Sep 15, 2022

Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for...
High | Unreviewed | CVE-2010-2682 was published | May 17, 2022

Apache Fineract allowed an authenticated user to perform remote code execution due to a path...
High | Unreviewed | CVE-2022-44635 was published | Nov 29, 2022

Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1...
High | Unreviewed | CVE-2010-1956 was published | May 17, 2022

Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard)...
High | Unreviewed | CVE-2010-2045 was published | May 17, 2022

Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for...
High | Unreviewed | CVE-2010-1957 was published | May 17, 2022

Twig may load a template outside a configured directory when using the filesystem loader
High | CVE-2022-39261 was published for twig/twig (Composer) | Sep 30, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
High | Unreviewed | CVE-2021-1296 was published | May 24, 2022

TOTVS Fluig Luke 1.7.0 allows directory traversal via a base64 encoded file=../ to a volume...
High | Unreviewed | CVE-2020-29134 was published | May 24, 2022

Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for...
High | Unreviewed | CVE-2010-2128 was published | May 17, 2022

Directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8...
High | Unreviewed | CVE-2010-2050 was published | May 17, 2022

Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1...
High | Unreviewed | CVE-2010-1983 was published | May 17, 2022

Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center...
High | Unreviewed | CVE-2010-1571 was published | May 17, 2022

Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla!...
High | Unreviewed | CVE-2010-1878 was published | May 17, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
High | Unreviewed | CVE-2021-1297 was published | May 24, 2022

Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite...
High | Unreviewed | CVE-2008-6424 was published | May 17, 2022

The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload...
High | Unreviewed | CVE-2021-38346 was published | May 24, 2022