GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
83 advisories
Filter by severity
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other...
Low
Unreviewed
CVE-2020-36314
was published
May 24, 2022
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users...
Low
Unreviewed
CVE-2014-8737
was published
May 17, 2022
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to...
Low
Unreviewed
CVE-2022-33690
was published
Jul 13, 2022
Directory traversal vulnerability in Backup in Apple iOS before 8.3 allows attackers to read...
Low
Unreviewed
CVE-2015-1087
was published
May 17, 2022
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.
Low
Unreviewed
CVE-2020-10977
was published
May 24, 2022
Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote...
Low
Unreviewed
CVE-2015-1807
was published
May 17, 2022
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2...
Low
Unreviewed
CVE-2013-6177
was published
May 17, 2022
Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid...
Low
Unreviewed
CVE-2015-0933
was published
May 17, 2022
Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for...
Low
Unreviewed
CVE-2014-9461
was published
May 17, 2022
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite...
Low
Unreviewed
CVE-2012-6607
was published
May 17, 2022
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote...
Low
Unreviewed
CVE-2013-5219
was published
May 17, 2022
Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98...
Low
Unreviewed
CVE-2010-2322
was published
May 17, 2022
Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for...
Low
Unreviewed
CVE-2012-3380
was published
May 17, 2022
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and...
Low
Unreviewed
CVE-2019-0074
was published
May 24, 2022
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in...
Low
Unreviewed
CVE-2022-27621
was published
Aug 4, 2022
A directory traversal vulnerability was discovered in Wuzhicms 4.1.0. via /coreframe/app...
Low
Unreviewed
CVE-2022-36168
was published
Aug 27, 2022
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during...
Low
Unreviewed
CVE-2020-11736
was published
May 24, 2022
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of...
Low
Unreviewed
CVE-2020-12392
was published
May 24, 2022
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as...
Low
Unreviewed
CVE-2022-4773
was published
Dec 28, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the...
Low
Unreviewed
CVE-2021-43264
was published
May 24, 2022
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote...
Low
Unreviewed
CVE-2004-2717
was published
Apr 29, 2022
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec...
Low
Unreviewed
CVE-2020-8446
was published
May 24, 2022
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with "....
Low
Unreviewed
CVE-2006-0950
was published
May 1, 2022
Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list...
Low
Unreviewed
CVE-2007-1773
was published
May 1, 2022
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3...
Low
Unreviewed
CVE-2007-4271
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API