GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
7,188 advisories
A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an...
High, Unreviewed. CVE-2017-6652 was published May 17, 2022

Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files...
Moderate, Unreviewed. CVE-2017-5966 was published May 17, 2022

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with...
High, Unreviewed. CVE-2017-8841 was published May 17, 2022

Directory traversal vulnerability in Spiffy before 5.4.
High, Unreviewed. CVE-2015-8235 was published May 14, 2022

Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../...
High, Unreviewed. CVE-2017-10974 was published May 17, 2022

A directory traversal vulnerability exists in MetInfo 5.3.17. A remote attacker can use ..\ to...
High, Unreviewed. CVE-2017-11500 was published May 13, 2022

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and...
High, Unreviewed. CVE-2017-1000028 was published May 14, 2022

In Sitecore 8.2, there is absolute path traversal via the shell/Applications/Layouts/IDE.aspx fi...
Moderate, Unreviewed. CVE-2017-11440 was published May 17, 2022

An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release...
High, Unreviewed. CVE-2017-8033 was published May 13, 2022

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL...
High, Unreviewed. CVE-2017-7442 was published May 13, 2022

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows...
High, Unreviewed. CVE-2011-5325 was published May 13, 2022

Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7...
High, Unreviewed. CVE-2017-11152 was published May 13, 2022

Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. phpGrid before 7.2.5...
High, Unreviewed. CVE-2017-10665 was published May 17, 2022

D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a...
Critical, Unreviewed. CVE-2017-12943 was published May 17, 2022

Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and...
Critical, Unreviewed. CVE-2015-8352 was published May 14, 2022

A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu,...
Moderate, Unreviewed. CVE-2017-9640 was published May 13, 2022

Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to...
High, Unreviewed. CVE-2014-5301 was published May 14, 2022

Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and...
Moderate, Unreviewed. CVE-2014-8676 was published May 17, 2022

A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The...
High, Unreviewed. CVE-2017-13996 was published May 13, 2022

Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows...
High, Unreviewed. CVE-2015-4074 was published May 17, 2022

Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component...
High, Unreviewed. CVE-2017-14722 was published May 17, 2022

Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip...
High, Unreviewed. CVE-2017-14719 was published May 17, 2022

A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion...
Critical, Unreviewed. CVE-2017-7974 was published May 17, 2022

Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change...
High, Unreviewed. CVE-2017-14849 was published May 13, 2022

An authentication vulnerability in HPE BSM Platform Application Performance Management System...
Moderate, Unreviewed. CVE-2017-13985 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API