GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,399

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,195 advisories

Filter by severity

Sort by

Least recently updated

The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote... High Unreviewed

CVE-2021-38146 was published Nov 23, 2021

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter... High Unreviewed

CVE-2021-24644 was published Nov 24, 2021

Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote... High Unreviewed

CVE-2021-43358 was published Dec 2, 2021

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied ... High Unreviewed

CVE-2021-43176 was published Dec 8, 2021

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows... High Unreviewed

CVE-2021-25511 was published Dec 9, 2021

A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and... High Unreviewed

CVE-2021-41024 was published Dec 9, 2021

A relative path traversal vulnerability in the SMA100 upload funtion allows a remote... High Unreviewed

CVE-2021-20040 was published Dec 9, 2021

KNIME Server before 4.13.4 allows directory traversal in a request for a client profile. High Unreviewed

CVE-2021-44725 was published Dec 9, 2021

A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0... High Unreviewed

CVE-2021-41449 was published Dec 10, 2021

Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record... High Unreviewed

CVE-2021-44965 was published Dec 14, 2021

The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab... High Unreviewed

CVE-2021-24970 was published Dec 14, 2021

SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path... High Unreviewed

CVE-2021-44232 was published Dec 15, 2021

The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive... High Unreviewed

CVE-2021-39312 was published Dec 15, 2021

A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11),... High Unreviewed

CVE-2021-41547 was published Dec 15, 2021

HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via... High Unreviewed

CVE-2021-45043 was published Dec 16, 2021

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2021-3960 was published Dec 17, 2021

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator... High Unreviewed

CVE-2021-32498 was published Dec 18, 2021

Chain Sea ai chatbot system’s specific file download function has path traversal vulnerability.... High Unreviewed

CVE-2021-44162 was published Dec 21, 2021

Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log... High Unreviewed

CVE-2021-21909 was published Dec 23, 2021

A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal... High Unreviewed

CVE-2021-21904 was published Dec 23, 2021

A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix... High Unreviewed

CVE-2021-21895 was published Dec 23, 2021

A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix... High Unreviewed

CVE-2021-21885 was published Dec 23, 2021

A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of... High Unreviewed

CVE-2021-21880 was published Dec 23, 2021

A directory traversal vulnerability exists in the Web Manager File Upload functionality of... High Unreviewed

CVE-2021-21879 was published Dec 23, 2021

Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected... High Unreviewed

CVE-2021-45418 was published Dec 23, 2021

Previous 1 2 3 4 5 … 87 88 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,195 advisories