GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,627
Composer 4,226
Erlang 31
GitHub Actions 19
Go 1,991
Maven 5,174
npm 3,708
NuGet 661
pip 3,339
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,545

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

578 advisories

Filter by severity

Sort by

Least recently updated

D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a... Critical Unreviewed

CVE-2017-12943 was published May 17, 2022

A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion... Critical Unreviewed

CVE-2017-7974 was published May 17, 2022

The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability... Critical Unreviewed

CVE-2017-9031 was published May 17, 2022

Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary... Critical Unreviewed

CVE-2014-3702 was published May 17, 2022

Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote... Critical Unreviewed

CVE-2017-8805 was published May 17, 2022

A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow... Critical Unreviewed

CVE-2017-9367 was published May 17, 2022

LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via... Critical Unreviewed

CVE-2017-16903 was published May 17, 2022

Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving ... Critical Unreviewed

CVE-2017-15607 was published May 17, 2022

Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary... Critical Unreviewed

CVE-2017-10861 was published May 17, 2022

The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal... Critical Unreviewed

CVE-2017-17739 was published May 14, 2022

Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal... Critical Unreviewed

CVE-2017-17992 was published May 14, 2022

An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted... Critical Unreviewed

CVE-2018-5997 was published May 14, 2022

A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22... Critical Unreviewed

CVE-2017-8947 was published May 14, 2022

An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block ... Critical Unreviewed

CVE-2018-7442 was published May 14, 2022

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any... Critical Unreviewed

CVE-2018-8712 was published May 14, 2022

A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor... Critical Unreviewed

CVE-2016-8205 was published May 14, 2022

On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files... Critical Unreviewed

CVE-2018-7539 was published May 14, 2022

util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an... Critical Unreviewed

CVE-2018-11248 was published May 14, 2022

The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script... Critical Unreviewed

CVE-2018-11141 was published May 14, 2022

Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file... Critical Unreviewed

CVE-2018-12031 was published May 14, 2022

XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../"... Critical Unreviewed

CVE-2017-7577 was published May 14, 2022

The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as... Critical Unreviewed

CVE-2018-14064 was published May 14, 2022

GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0... Critical Unreviewed

CVE-2018-14364 was published May 14, 2022

Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2... Critical Unreviewed

CVE-2016-6600 was published May 14, 2022

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that... Critical Unreviewed

CVE-2017-12815 was published May 14, 2022

Previous 1 2 … 17 18 19 20 21 22 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

578 advisories