Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

594 advisories

Loading
Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an... Critical Unreviewed
CVE-2020-14523 was published Feb 12, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that... Critical Unreviewed
CVE-2022-24312 was published Feb 11, 2022
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that... Critical Unreviewed
CVE-2022-24311 was published Feb 11, 2022
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter... Critical Unreviewed
CVE-2022-23357 was published Feb 8, 2022
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise... Critical Unreviewed
CVE-2022-0320 was published Feb 2, 2022
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive... Critical Unreviewed
CVE-2021-23520 was published Feb 1, 2022
A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an... Critical Unreviewed
CVE-2020-17383 was published Jan 25, 2022
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability... Critical Unreviewed
CVE-2021-37128 was published Jan 4, 2022
Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due... Critical Unreviewed
CVE-2021-45427 was published Dec 31, 2021
An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily... Critical Unreviewed
CVE-2020-20944 was published Dec 28, 2021
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix... Critical Unreviewed
CVE-2021-21894 was published Dec 23, 2021
Zip Slip vulnerability in Pluck-CMS Pluck 4.7.15 allows an attacker to upload specially crafted... Critical Unreviewed
CVE-2021-31746 was published Dec 11, 2021
There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei... Critical Unreviewed
CVE-2021-37064 was published Dec 8, 2021
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37087 was published Dec 8, 2021
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37088 was published Dec 8, 2021
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37099 was published Dec 8, 2021
** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is affected by a path manipulation... Critical Unreviewed
CVE-2021-43674 was published Dec 4, 2021
An unspecified version of tripexpress is affected by a path manipulation vulnerability in file... Critical Unreviewed
CVE-2021-43691 was published Nov 30, 2021
Using the parameter of getPFXFolderList function, attackers can see the information of... Critical Unreviewed
CVE-2020-7882 was published Nov 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database