Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

578 advisories

Loading
A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager ... Critical Unreviewed
CVE-2018-10510 was published May 14, 2022
Citrix XenServer 7.1 and newer allows Directory Traversal. Critical Unreviewed
CVE-2018-14007 was published May 14, 2022
A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0... Critical Unreviewed
CVE-2018-16518 was published May 14, 2022
The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the... Critical Unreviewed
CVE-2018-16283 was published May 14, 2022
Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an... Critical Unreviewed
CVE-2018-15540 was published May 14, 2022
ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip... Critical Unreviewed
CVE-2016-10733 was published May 14, 2022
EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary code via ..%2F directory... Critical Unreviewed
CVE-2018-18869 was published May 14, 2022
CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by... Critical Unreviewed
CVE-2018-14957 was published May 14, 2022
Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read... Critical Unreviewed
CVE-2018-0705 was published May 14, 2022
MailEnable before 8.60 allows Directory Traversal for reading the messages of other users,... Critical Unreviewed
CVE-2015-9277 was published May 14, 2022
idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir... Critical Unreviewed
CVE-2019-7160 was published May 14, 2022
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory... Critical Unreviewed
CVE-2019-7234 was published May 14, 2022
A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/,... Critical Unreviewed
CVE-2019-7678 was published May 14, 2022
A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion... Critical Unreviewed
CVE-2019-9015 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory... Critical Unreviewed
CVE-2018-5337 was published May 14, 2022
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files... Critical Unreviewed
CVE-2018-14847 was published May 14, 2022
Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability... Critical Unreviewed
CVE-2018-19586 was published May 14, 2022
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly... Critical Unreviewed
CVE-2019-10945 was published May 14, 2022
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and... Critical Unreviewed
CVE-2015-8352 was published May 14, 2022
Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes... Critical Unreviewed
CVE-2015-7669 was published May 14, 2022
IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. An... Critical Unreviewed
CVE-2019-4178 was published May 14, 2022
Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8... Critical Unreviewed
CVE-2017-17108 was published May 14, 2022
An issue was discovered in BlogEngine.NET through 3.3.6.0. A path traversal and Local File... Critical Unreviewed
CVE-2019-6714 was published May 14, 2022
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... Critical Unreviewed
CVE-2018-8780 was published May 14, 2022
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory... Critical Unreviewed
CVE-2018-16858 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database