GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,187 advisories
Filter by severity
nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to...
Critical
Unreviewed
CVE-2022-48253
was published
Jan 11, 2023
Authenticated mail users, under specific circumstances, could add files with unsanitized content...
High
Unreviewed
CVE-2022-42136
was published
Jan 13, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15643
was published
May 24, 2022
The Images Optimize and Upload CF7 WordPress plugin through 2.1.4 does not validate the file to...
Critical
Unreviewed
CVE-2022-4101
was published
Jan 16, 2023
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions...
Moderate
Unreviewed
CVE-2022-21132
was published
Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)...
Critical
Unreviewed
CVE-2021-42853
was published
Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet...
Critical
Unreviewed
CVE-2021-42854
was published
Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)...
Critical
Unreviewed
CVE-2021-42787
was published
Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)...
Moderate
Unreviewed
CVE-2021-42857
was published
Mar 11, 2022
An absolute path traversal vulnerability allows a remote attacker to download any file on the...
High
Unreviewed
CVE-2022-25216
was published
Mar 12, 2022
Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa...
High
Unreviewed
CVE-2022-21808
was published
Mar 12, 2022
There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following...
High
Unreviewed
CVE-2022-21177
was published
Mar 12, 2022
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal.
Moderate
Unreviewed
CVE-2022-26276
was published
Mar 13, 2022
An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private...
Critical
Unreviewed
CVE-2021-45887
was published
Mar 14, 2022
The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as...
Moderate
Unreviewed
CVE-2021-24692
was published
Mar 15, 2022
The Server component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports...
High
Unreviewed
CVE-2022-22771
was published
Mar 16, 2022
Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File...
High
Unreviewed
CVE-2021-45010
was published
Mar 16, 2022
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows...
High
Unreviewed
CVE-2022-25249
was published
Mar 17, 2022
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x...
High
Unreviewed
CVE-2022-26500
was published
Mar 18, 2022
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when...
Moderate
Unreviewed
CVE-2011-0518
was published
May 17, 2022
Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1...
Moderate
Unreviewed
CVE-2011-0506
was published
May 17, 2022
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon,...
High
Unreviewed
CVE-2011-0497
was published
May 17, 2022
Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is...
Moderate
Unreviewed
CVE-2011-0505
was published
May 17, 2022
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1...
Moderate
Unreviewed
CVE-2011-0494
was published
May 17, 2022
Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions,...
Moderate
Unreviewed
CVE-2011-0405
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API