Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

684 advisories

Loading
Path Traversal in Studio-42 elFinder through 2.1.60 Critical
CVE-2022-26960 was published for studio-42/elfinder (Composer) Mar 22, 2022
An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between... Critical Unreviewed
CVE-2021-45967 was published Mar 19, 2022
Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer... Critical Unreviewed
CVE-2020-25176 was published Mar 19, 2022
Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7. Critical Unreviewed
CVE-2022-1000 was published Mar 18, 2022
An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private... Critical Unreviewed
CVE-2021-45887 was published Mar 14, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Critical Unreviewed
CVE-2021-42787 was published Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Critical Unreviewed
CVE-2021-42853 was published Mar 11, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet... Critical Unreviewed
CVE-2021-42854 was published Mar 11, 2022
An path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent.... Critical Unreviewed
CVE-2021-26619 was published Feb 19, 2022
Path Traversal in ImpressCMS Critical
CVE-2022-24977 was published for impresscms/impresscms (Composer) Feb 15, 2022
IBM Planning Analytics 2.0 and IBM Planning Analytics Workspace 2.0 DQM API allows submitting of... Critical Unreviewed
CVE-2021-38892 was published Feb 12, 2022
Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an... Critical Unreviewed
CVE-2020-14523 was published Feb 12, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that... Critical Unreviewed
CVE-2022-24311 was published Feb 11, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that... Critical Unreviewed
CVE-2022-24312 was published Feb 11, 2022
Path Traversal in Eclipse Vert Critical
CVE-2019-17640 was published for io.vertx:vertx-web (Maven) Feb 10, 2022
Path Traversal in Crafter CMS Crafter Studio Critical
CVE-2017-15681 was published for org.craftercms:crafter-studio (Maven) Feb 9, 2022
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter... Critical Unreviewed
CVE-2022-23357 was published Feb 8, 2022
Path Traversal in w-zip Critical
CVE-2022-0401 was published for w-zip (npm) Feb 2, 2022
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise... Critical Unreviewed
CVE-2022-0320 was published Feb 2, 2022
Neo4j Graph Database vulnerable to Path Traversal Critical
CVE-2021-42767 was published for org.neo4j.procedure:apoc (Maven) Feb 1, 2022
ngrodum
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive... Critical Unreviewed
CVE-2021-23520 was published Feb 1, 2022
A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an... Critical Unreviewed
CVE-2020-17383 was published Jan 25, 2022
Path traversal in Apache James Critical
CVE-2021-40525 was published for org.apache.james:james-server (Maven) Jan 21, 2022
Apache Solr Improper Input Validation and Path Traversal Critical
CVE-2021-44548 was published for org.apache.solr:solr-parent (Maven) Jan 6, 2022
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability... Critical Unreviewed
CVE-2021-37128 was published Jan 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database