Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,396
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,478 advisories

Loading
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows... High Unreviewed
CVE-2004-2686 was published Apr 29, 2022
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to... High Unreviewed
CVE-2004-1364 was published Apr 29, 2022
Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise... High Unreviewed
CVE-2004-0273 was published Apr 29, 2022
Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1)... High Unreviewed
CVE-2003-1380 was published Apr 29, 2022
Opera allows remote attackers to bypass intended cookie access restrictions on a web application... High Unreviewed
CVE-2003-0593 was published Apr 29, 2022
Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory... High Unreviewed
CVE-2021-46421 was published Apr 28, 2022
Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory... High Unreviewed
CVE-2021-46420 was published Apr 28, 2022
A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary... High Unreviewed
CVE-2021-26629 was published Apr 27, 2022
Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend... High Unreviewed
CVE-2022-28059 was published Apr 27, 2022
Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend... High Unreviewed
CVE-2022-28058 was published Apr 27, 2022
HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax... High Unreviewed
CVE-2022-28523 was published Apr 27, 2022
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin... High Unreviewed
CVE-2022-28527 was published Apr 27, 2022
There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255,... High Unreviewed
CVE-2021-40680 was published Apr 26, 2022
The Videos sync PDF WordPress plugin through 1.7.4 does not validate the p parameter before using... High Unreviewed
CVE-2022-1392 was published Apr 26, 2022
A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access... High Unreviewed
CVE-2021-35250 was published Apr 26, 2022
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP... High Unreviewed
CVE-2022-27925 was published Apr 22, 2022
Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync... High Unreviewed
CVE-2022-24424 was published Apr 22, 2022
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. High Unreviewed
CVE-2022-28444 was published Apr 22, 2022
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss... High Unreviewed
CVE-2010-5335 was published Apr 21, 2022
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss... High Unreviewed
CVE-2010-5334 was published Apr 21, 2022
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in... High Unreviewed
CVE-2009-3721 was published Apr 21, 2022
Zoo 2.10-27 has Directory traversal High Unreviewed
CVE-2005-2349 was published Apr 21, 2022
The affected product is vulnerable to a network-based attack by threat actors utilizing crafted... High Unreviewed
CVE-2021-43988 was published Apr 21, 2022
In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Directory Traversal... High Unreviewed
CVE-2021-44519 was published Apr 20, 2022
The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile... High Unreviewed
CVE-2022-1119 was published Apr 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database