Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

130 advisories

Loading
Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal. Low Unreviewed
CVE-2018-16968 was published May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Low
CVE-2010-3718 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
oliverchang sunSUNQ
Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when... Low Unreviewed
CVE-2017-18196 was published May 13, 2022
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable... Low Unreviewed
CVE-2012-2421 was published May 13, 2022
Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to... Low Unreviewed
CVE-2022-28784 was published May 4, 2022
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat... Low Unreviewed
CVE-2005-1918 was published May 3, 2022
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3... Low Unreviewed
CVE-2010-0926 was published May 2, 2022
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for... Low Unreviewed
CVE-2010-0801 was published May 2, 2022
Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is... Low Unreviewed
CVE-2009-4116 was published May 2, 2022
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is... Low Unreviewed
CVE-2009-0286 was published May 2, 2022
Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is... Low Unreviewed
CVE-2008-1696 was published May 1, 2022
Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote... Low Unreviewed
CVE-2008-1371 was published May 1, 2022
Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read... Low Unreviewed
CVE-2008-0822 was published May 1, 2022
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote... Low Unreviewed
CVE-2008-0819 was published May 1, 2022
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote... Low Unreviewed
CVE-2007-5731 was published May 1, 2022
Apache Tomcat Path Traversal Vulnerability Low
CVE-2007-5461 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3... Low Unreviewed
CVE-2007-4271 was published May 1, 2022
Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list... Low Unreviewed
CVE-2007-1773 was published May 1, 2022
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".... Low Unreviewed
CVE-2006-0950 was published May 1, 2022
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote... Low Unreviewed
CVE-2004-2717 was published Apr 29, 2022
Path traversal in github.com/cloudflare/cfrpki/cmd/octorpki Low
GHSA-8459-6rc9-8vf8 was published for github.com/cloudflare/cfrpki (Go) Feb 14, 2022
Plugin archive directory traversal in Helm Low
CVE-2020-4053 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
snoopysecurity
Path traversal in Node-Red Low
CVE-2021-21298 was published for @node-red/runtime (npm) Feb 26, 2021
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request Low
CVE-2020-15239 was published for xmpp-http-upload (pip) Oct 6, 2020
ChristianTacke
Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database