GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
87 advisories
A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this...
Low | Unreviewed | CVE-2023-3241 was published Jun 14, 2023
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3,...
Low | Unreviewed | CVE-2022-42474 was published Jun 13, 2023
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize the dir parameter...
Low | Unreviewed | CVE-2023-2117 was published May 30, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal...
Low | Unreviewed | CVE-2023-27409 was published May 9, 2023
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1...
Low | Unreviewed | CVE-2023-29128 was published May 9, 2023
Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access...
Low | Unreviewed | CVE-2023-21448 was published Feb 9, 2023
The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input...
Low | Unreviewed | CVE-2022-4109 was published Jan 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as...
Low | Unreviewed | CVE-2022-4773 was published Dec 28, 2022
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An...
Low | Unreviewed | CVE-2022-37703 was published Sep 14, 2022
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory...
Low | Unreviewed | CVE-2022-2945 was published Sep 7, 2022
A directory traversal vulnerability was discovered in Wuzhicms 4.1.0 via /coreframe/app...
Low | Unreviewed | CVE-2022-36168 was published Aug 27, 2022
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in...
Low | Unreviewed | CVE-2022-27621 was published Aug 4, 2022
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to...
Low | Unreviewed | CVE-2022-33690 was published Jul 13, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the...
Low | Unreviewed | CVE-2021-43264 was published May 24, 2022
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other...
Low | Unreviewed | CVE-2020-36314 was published May 24, 2022
Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allow Directory Traversal by...
Low | Unreviewed | CVE-2020-15858 was published May 24, 2022
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of...
Low | Unreviewed | CVE-2020-12392 was published May 24, 2022
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during...
Low | Unreviewed | CVE-2020-11736 was published May 24, 2022
GitLab EE/CE 8.5 to 12.9 is vulnerable to a path traversal when moving an issue between projects.
Low | Unreviewed | CVE-2020-10977 was published May 24, 2022
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec...
Low | Unreviewed | CVE-2020-8446 was published May 24, 2022
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and...
Low | Unreviewed | CVE-2019-0074 was published May 24, 2022
Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for...
Low | Unreviewed | CVE-2012-3380 was published May 17, 2022
Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98...
Low | Unreviewed | CVE-2010-2322 was published May 17, 2022
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote...
Low | Unreviewed | CVE-2013-5219 was published May 17, 2022
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite...
Low | Unreviewed | CVE-2012-6607 was published May 17, 2022