Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

118 advisories

Loading
Directory Traversal in send Low
CVE-2014-6394 was published for send (npm) Oct 24, 2017
Puppet vulnerable to Path Traversal Low
CVE-2012-3865 was published for puppet (RubyGems) Oct 24, 2017
Arbitrary File Write in cli Low
CVE-2016-10538 was published for cli (npm) Feb 18, 2019
Malicious URL drafting attack against iodines static file server may allow path traversal Low
CVE-2024-22050 was published for iodine (RubyGems) Oct 7, 2019
Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request Low
CVE-2020-15239 was published for xmpp-http-upload (pip) Oct 6, 2020
ChristianTacke
Path traversal in Node-Red Low
CVE-2021-21298 was published for @node-red/runtime (npm) Feb 26, 2021
Plugin archive directory traversal in Helm Low
CVE-2020-4053 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
snoopysecurity
Path traversal in github.com/cloudflare/cfrpki/cmd/octorpki Low
GHSA-8459-6rc9-8vf8 was published for github.com/cloudflare/cfrpki (Go) Feb 14, 2022
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote... Low Unreviewed
CVE-2004-2717 was published Apr 29, 2022
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".... Low Unreviewed
CVE-2006-0950 was published May 1, 2022
Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list... Low Unreviewed
CVE-2007-1773 was published May 1, 2022
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3... Low Unreviewed
CVE-2007-4271 was published May 1, 2022
Apache Tomcat Path Traversal Vulnerability Low
CVE-2007-5461 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote... Low Unreviewed
CVE-2007-5731 was published May 1, 2022
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote... Low Unreviewed
CVE-2008-0819 was published May 1, 2022
Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read... Low Unreviewed
CVE-2008-0822 was published May 1, 2022
Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote... Low Unreviewed
CVE-2008-1371 was published May 1, 2022
Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is... Low Unreviewed
CVE-2008-1696 was published May 1, 2022
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is... Low Unreviewed
CVE-2009-0286 was published May 2, 2022
Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is... Low Unreviewed
CVE-2009-4116 was published May 2, 2022
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for... Low Unreviewed
CVE-2010-0801 was published May 2, 2022
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3... Low Unreviewed
CVE-2010-0926 was published May 2, 2022
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat... Low Unreviewed
CVE-2005-1918 was published May 3, 2022
Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to... Low Unreviewed
CVE-2022-28784 was published May 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database