Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,681 advisories

Loading
Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is... Moderate Unreviewed
CVE-2011-0505 was published May 17, 2022
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1... Moderate Unreviewed
CVE-2011-0494 was published May 17, 2022
Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1... Moderate Unreviewed
CVE-2011-0506 was published May 17, 2022
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when... Moderate Unreviewed
CVE-2011-0518 was published May 17, 2022
The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as... Moderate Unreviewed
CVE-2021-24692 was published Mar 15, 2022
Path Traversal in Gitea Moderate
CVE-2021-29134 was published for code.gitea.io/gitea (Go) Mar 16, 2022
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. Moderate Unreviewed
CVE-2022-26276 was published Mar 13, 2022
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Moderate Unreviewed
CVE-2021-42857 was published Mar 11, 2022
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions... Moderate Unreviewed
CVE-2022-21132 was published Mar 11, 2022
Sinatra Path Traversal vulnerability Moderate
CVE-2018-7212 was published for sinatra (RubyGems) Feb 20, 2018
The rack-cors rubygem may allow directory traveral Moderate
CVE-2019-18978 was published for rack-cors (RubyGems) Nov 15, 2019
RustEmbed generated `get` method allows for directory traversal when reading files from disk Moderate
GHSA-cgw6-f3mj-h742 was published for rust-embed (Rust) Jun 17, 2022
Arbitrary File Write via Archive Extraction in mholt/archiver Moderate
CVE-2018-1002207 was published for github.com/mholt/archiver (Go) Feb 15, 2022
avivdolev
Path Traversal within joomla/archive zip class Moderate
CVE-2021-26028 was published for joomla/archive (Composer) Mar 24, 2021
Path Traversal in public Moderate
GHSA-4vvp-x9h2-x2vf was published for public (npm) Sep 3, 2020
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Directory Traversal in restafary Moderate
CVE-2016-10528 was published for restafary (npm) Feb 18, 2019
Directory Traversal in featurebook Moderate
GHSA-7x92-2j68-h32c was published for featurebook (npm) Sep 1, 2020
Hidden Directories Always Served in inert Moderate
CVE-2014-10068 was published for inert (npm) Aug 31, 2020
Directory traversal in Apache RocketMQ Moderate
CVE-2019-17572 was published for org.apache.rocketmq:rocketmq-broker (Maven) Jul 1, 2020
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-11762 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf Moderate
CVE-2019-0191 was published for org.apache.karaf:apache-karaf (Maven) Mar 25, 2019
Directory Traversal in bitty Moderate
CVE-2016-10561 was published for bitty (npm) Feb 18, 2019
Moderate severity vulnerability that affects com.sparkjava:spark-core Moderate
CVE-2018-9159 was published for com.sparkjava:spark-core (Maven) Oct 19, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database