Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

827 advisories

Loading
The CivetWeb web library does not validate uploaded filepaths when running on an OS other than... Critical Unreviewed
CVE-2020-27304 was published May 24, 2022
The Cab fare calculator WordPress plugin through 1.0.3 does not validate the controller parameter... Critical Unreviewed
CVE-2022-1391 was published Apr 26, 2022
There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands... Critical Unreviewed
CVE-2020-20277 was published May 24, 2022
The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow... Critical Unreviewed
CVE-2021-26714 was published May 24, 2022
In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file... Critical Unreviewed
CVE-2022-32270 was published Jun 4, 2022
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to... Critical Unreviewed
CVE-2021-20034 was published May 24, 2022
An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted... Critical Unreviewed
CVE-2022-28945 was published Jun 3, 2022
ZipSlip vulnerability in bblfshd Critical Unreviewed
CVE-2021-32825 was published May 24, 2022
Path Traversal in file editor on Windows in Gogs Critical
CVE-2022-1992 was published for gogs.io/gogs (Go) Jun 8, 2022
1135
Credited to 1135
A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected... Critical Unreviewed
CVE-2019-25097 was published Jan 5, 2023
Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution... Critical Unreviewed
CVE-2017-11389 was published May 17, 2022
A vulnerability was found in soerennb eXtplorer up to 2.1.12. It has been classified as critical.... Critical Unreviewed
CVE-2019-25098 was published Jan 5, 2023
ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension... Critical Unreviewed
CVE-2017-1000002 was published May 17, 2022
iSpyConnect iSpy v7.2.2.0 is vulnerable to path traversal. Critical Unreviewed
CVE-2022-29774 was published Jun 22, 2022
In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices... Critical Unreviewed
CVE-2017-9097 was published May 17, 2022
Path traversal in Concrete CMS Critical
CVE-2022-30117 was published for concrete5/core (Composer) Jun 25, 2022
The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31511 was published Jul 12, 2022
The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31513 was published Jul 12, 2022
The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because... Critical Unreviewed
CVE-2022-31508 was published Jul 12, 2022
An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily... Critical Unreviewed
CVE-2020-20944 was published Dec 28, 2021
LRM contains a directory traversal vulnerability that can allow a malicious actor to upload... Critical Unreviewed
CVE-2022-1518 was published Jun 25, 2022
The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary... Critical Unreviewed
CVE-2022-1953 was published Jun 28, 2022
The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31550 was published Jul 12, 2022
The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute... Critical Unreviewed
CVE-2022-31537 was published Jul 12, 2022
The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal... Critical Unreviewed
CVE-2022-31526 was published Jul 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database