Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,611
NuGet
638
pip
3,209
Pub
10
RubyGems
853
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

5,980 advisories

Loading
Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1... Moderate Unreviewed
CVE-2011-0506 was published May 17, 2022
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon,... High Unreviewed
CVE-2011-0497 was published May 17, 2022
Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is... Moderate Unreviewed
CVE-2011-0505 was published May 17, 2022
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1... Moderate Unreviewed
CVE-2011-0494 was published May 17, 2022
Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions,... Moderate Unreviewed
CVE-2011-0405 was published May 17, 2022
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1... Moderate Unreviewed
CVE-2010-4622 was published May 17, 2022
Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla!... Moderate Unreviewed
CVE-2010-4617 was published May 17, 2022
Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers... Moderate Unreviewed
CVE-2010-4801 was published May 17, 2022
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to... Moderate Unreviewed
CVE-2010-4798 was published May 17, 2022
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla!... High Unreviewed
CVE-2010-4719 was published May 17, 2022
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Tempfile on Windows path traversal vulnerability High
CVE-2021-28966 was published for tmpdir (RubyGems) May 6, 2021
Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7. Critical Unreviewed
CVE-2022-1000 was published Mar 18, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal... High Unreviewed
CVE-2022-23347 was published Mar 22, 2022
An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as... High Unreviewed
CVE-2021-45968 was published Mar 19, 2022
Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer... Critical Unreviewed
CVE-2020-25176 was published Mar 19, 2022
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not sanitize paths... High Unreviewed
CVE-2021-27473 was published Mar 24, 2022
Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal... Moderate Unreviewed
CVE-2022-25266 was published Mar 25, 2022
The parsing mechanism that processes certain file types does not provide input sanitization for... High Unreviewed
CVE-2021-27471 was published Mar 24, 2022
Path traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server High
CVE-2022-24730 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt jessesuen
Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal ... High Unreviewed
CVE-2022-25267 was published Mar 25, 2022
Mendelson OFTP2 before 1.1 b43 is affected by directory traversal. To access the vulnerable code... Moderate Unreviewed
CVE-2022-27906 was published Mar 26, 2022
aaPanel v6.8.21 was discovered to be vulnerable to directory traversal. This vulnerability allows... Moderate Unreviewed
CVE-2022-26252 was published Mar 28, 2022
The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path... Critical Unreviewed
CVE-2022-0679 was published Mar 29, 2022
Hiby Music Hiby OS R3 Pro 1.5 and 1.6 is vulnerable to Directory Traversal. The HTTP Server does... High Unreviewed
CVE-2021-44124 was published Mar 29, 2022
ProTip! Advisories are also available from the GraphQL API