Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,228 advisories

Loading
Path Traversal in Apache Flink High
CVE-2020-17519 was published for org.apache.flink:flink-runtime_2.11 (Maven) Jan 6, 2021
stephanmiehe
Credited to stephanmiehe
Directory traversal attack in Spring Cloud Config High
CVE-2020-5410 was published for org.springframework.cloud:spring-cloud-config-server (Maven) Jun 5, 2020
SaltStack Salt is vulnerable Arbitrary Directory Access High
CVE-2020-11652 was published for salt (pip) May 24, 2022
Path Traversal in Action View High
CVE-2019-5418 was published for actionview (RubyGems) Mar 13, 2019
Directory traversal vulnerability in Action View in Ruby on Rails High
CVE-2016-0752 was published for actionpack (RubyGems) Oct 24, 2017
This High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9... High Unreviewed
CVE-2025-22167 was published Oct 22, 2025
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network... High Unreviewed
CVE-2015-0666 was published May 17, 2022
Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0... High Unreviewed
CVE-2010-2861 was published May 17, 2022
Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft... High Unreviewed
CVE-2015-0016 was published May 14, 2022
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4... High Unreviewed
CVE-2014-0780 was published May 17, 2022
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime... High Unreviewed
CVE-2025-61884 was published Oct 12, 2025
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal... High Unreviewed
CVE-2024-57727 was published Jan 16, 2025
A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware... High Unreviewed
CVE-2024-11667 was published Nov 27, 2024
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2... High Unreviewed
CVE-2023-35081 was published Aug 3, 2023
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated... High Unreviewed
CVE-2023-38950 was published Aug 4, 2023
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP... High Unreviewed
CVE-2022-27925 was published Apr 22, 2022
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an... High Unreviewed
CVE-2022-30333 was published May 10, 2022
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x... High Unreviewed
CVE-2022-26500 was published Mar 18, 2022
Microsoft MSHTML Remote Code Execution Vulnerability High Unreviewed
CVE-2021-40444 was published May 24, 2022
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an... High Unreviewed
CVE-2021-38163 was published May 24, 2022
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8... High Unreviewed
CVE-2024-41713 was published Oct 21, 2024
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow... High Unreviewed
CVE-2024-28995 was published Jun 6, 2024
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1... High Unreviewed
CVE-2020-5902 was published May 24, 2022
This external control of file name or path vulnerability allows remote attackers to access or... High Unreviewed
CVE-2019-7195 was published May 24, 2022
This external control of file name or path vulnerability allows remote attackers to access or... High Unreviewed
CVE-2019-7194 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database