Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

82 advisories

Loading
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other... Low Unreviewed
CVE-2020-36314 was published May 24, 2022
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users... Low Unreviewed
CVE-2014-8737 was published May 17, 2022
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to... Low Unreviewed
CVE-2022-33690 was published Jul 13, 2022
Directory traversal vulnerability in Backup in Apple iOS before 8.3 allows attackers to read... Low Unreviewed
CVE-2015-1087 was published May 17, 2022
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects. Low Unreviewed
CVE-2020-10977 was published May 24, 2022
Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote... Low Unreviewed
CVE-2015-1807 was published May 17, 2022
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2... Low Unreviewed
CVE-2013-6177 was published May 17, 2022
Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid... Low Unreviewed
CVE-2015-0933 was published May 17, 2022
Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for... Low Unreviewed
CVE-2014-9461 was published May 17, 2022
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite... Low Unreviewed
CVE-2012-6607 was published May 17, 2022
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote... Low Unreviewed
CVE-2013-5219 was published May 17, 2022
Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98... Low Unreviewed
CVE-2010-2322 was published May 17, 2022
Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for... Low Unreviewed
CVE-2012-3380 was published May 17, 2022
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and... Low Unreviewed
CVE-2019-0074 was published May 24, 2022
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2022-27621 was published Aug 4, 2022
A directory traversal vulnerability was discovered in Wuzhicms 4.1.0. via /coreframe/app... Low Unreviewed
CVE-2022-36168 was published Aug 27, 2022
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during... Low Unreviewed
CVE-2020-11736 was published May 24, 2022
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of... Low Unreviewed
CVE-2020-12392 was published May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as... Low Unreviewed
CVE-2022-4773 was published Dec 28, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the... Low Unreviewed
CVE-2021-43264 was published May 24, 2022
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote... Low Unreviewed
CVE-2004-2717 was published Apr 29, 2022
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec... Low Unreviewed
CVE-2020-8446 was published May 24, 2022
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".... Low Unreviewed
CVE-2006-0950 was published May 1, 2022
Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list... Low Unreviewed
CVE-2007-1773 was published May 1, 2022
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3... Low Unreviewed
CVE-2007-4271 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database