GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
7,176 advisories
Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely
Critical | CVE-2022-31558 was published for shiva (pip) Jul 12, 2022
The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub...
Critical | Unreviewed | CVE-2022-31518 was published Jul 12, 2022
The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal...
High | Unreviewed | CVE-2022-31578 was published Jul 12, 2022
The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31575 was published Jul 12, 2022
The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31561 was published Jul 12, 2022
The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path...
Critical | Unreviewed | CVE-2022-31562 was published Jul 12, 2022
The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31582 was published Jul 12, 2022
The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because...
Critical | Unreviewed | CVE-2022-31563 was published Jul 12, 2022
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to...
Low | Unreviewed | CVE-2022-33690 was published Jul 13, 2022
EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote...
Moderate | Unreviewed | CVE-2017-8003 was published May 17, 2022
A directory traversal vulnerability exists in core\admin\ajax\developer\extensions\file-browser...
High | Unreviewed | CVE-2017-9428 was published May 17, 2022
A vulnerability in the web-based management interface of Cisco Unified Communications Manager ...
Moderate | Unreviewed | CVE-2022-20862 was published Jul 7, 2022
Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress...
High | Unreviewed | CVE-2015-5469 was published May 17, 2022
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote...
Moderate | Unreviewed | CVE-2015-1579 was published May 17, 2022
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute...
Critical | Unreviewed | CVE-2022-25046 was published Jul 8, 2022
The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal...
Critical | Unreviewed | CVE-2022-31510 was published Jul 12, 2022
A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting...
High | Unreviewed | CVE-2017-3851 was published May 17, 2022
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could...
Moderate | Unreviewed | CVE-2017-6704 was published May 17, 2022
Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller...
High | Unreviewed | CVE-2017-8853 was published May 17, 2022
'/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the VIVOTEK Network Cameras is...
High | Unreviewed | CVE-2017-9829 was published May 17, 2022
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not...
Critical | Unreviewed | CVE-2017-8283 was published May 17, 2022
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative...
Critical | Unreviewed | CVE-2022-2120 was published Jun 25, 2022
Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal (to WEBINF/web.xml from...
High | Unreviewed | CVE-2022-32551 was published Jul 3, 2022
MELAG FTP Server 2.2.0.4 allows an attacker to use the CWD command to break out of the FTP...
Moderate | Unreviewed | CVE-2021-41636 was published Jun 25, 2022
A vulnerability was found in Album Lock 4.0 and classified as critical. Affected by this issue is...
Moderate | Unreviewed | CVE-2017-20102 was published Jun 28, 2022
ProTip! Advisories are also available from the GraphQL API.