GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
123 advisories
EC-CUBE Directory traversal vulnerability
Low • CVE-2022-40199 was published for ec-cube/ec-cube (Composer) Sep 28, 2022

Cargo extracting malicious crates can corrupt arbitrary files
Low • CVE-2022-36113 was published for cargo (Rust) Sep 16, 2022

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An...
Low • Unreviewed • CVE-2022-37703 was published Sep 14, 2022

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory...
Low • Unreviewed • CVE-2022-2945 was published Sep 7, 2022

A directory traversal vulnerability was discovered in Wuzhicms 4.1.0. via /coreframe/app...
Low • Unreviewed • CVE-2022-36168 was published Aug 27, 2022

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in...
Low • Unreviewed • CVE-2022-27621 was published Aug 4, 2022

Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to...
Low • Unreviewed • CVE-2022-33690 was published Jul 13, 2022

Path Traversal in XWiki Platform
Low • CVE-2022-29253 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 1, 2022

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the...
Low • Unreviewed • CVE-2021-43264 was published May 24, 2022

fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other...
Low • Unreviewed • CVE-2020-36314 was published May 24, 2022

Kubernetes Secrets Store CSI Driver plugins arbitrary file write
Low • CVE-2020-8567 was published for github.com/Azure/secrets-store-csi-driver-provider-azure (Go) May 24, 2022

Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allow Directory Traversal by...
Low • Unreviewed • CVE-2020-15858 was published May 24, 2022

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of...
Low • Unreviewed • CVE-2020-12392 was published May 24, 2022

fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during...
Low • Unreviewed • CVE-2020-11736 was published May 24, 2022

GitLab EE/CE 8.5 to 12.9 is vulnerable to a path traversal when moving an issue between projects.
Low • Unreviewed • CVE-2020-10977 was published May 24, 2022

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec...
Low • Unreviewed • CVE-2020-8446 was published May 24, 2022

Duplicate Advisory: Node CLI Allows Arbitrary File Overwrite
Low • CVE-2016-1000021 was published for cli (npm) May 24, 2022 • withdrawn

A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and...
Low • Unreviewed • CVE-2019-0074 was published May 24, 2022

Path traversal in Jenkins REPO Plugin
Low • CVE-2022-30949 was published for org.jenkins-ci.plugins:git (Maven) May 18, 2022

Path traversal in Jenkins Mercurial Plugin
Low • CVE-2022-30948 was published for org.jenkins-ci.plugins:mercurial (Maven) May 18, 2022

Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for...
Low • Unreviewed • CVE-2012-3380 was published May 17, 2022

Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98...
Low • Unreviewed • CVE-2010-2322 was published May 17, 2022

Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote...
Low • Unreviewed • CVE-2013-5219 was published May 17, 2022

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite...
Low • Unreviewed • CVE-2012-6607 was published May 17, 2022

Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for...
Low • Unreviewed • CVE-2014-9461 was published May 17, 2022