GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
665 advisories
Filter by severity
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG...
Critical
Unreviewed
CVE-2018-6677
was published
May 13, 2022
A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects...
Critical
Unreviewed
CVE-2022-3940
was published
Nov 11, 2022
A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by...
Critical
Unreviewed
CVE-2022-3939
was published
Nov 11, 2022
A vulnerability classified as critical was found in hoffie larasync. This vulnerability affects...
Critical
Unreviewed
CVE-2015-10024
was published
Jan 7, 2023
A vulnerability was found in stakira OpenUtau. It has been classified as critical. This affects...
Critical
Unreviewed
CVE-2022-4880
was published
Jan 7, 2023
Linear eMerge 50P/5000P devices allow Cookie Path Traversal.
Critical
Unreviewed
CVE-2019-7267
was published
May 24, 2022
Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the...
Critical
Unreviewed
CVE-2022-45290
was published
Dec 9, 2022
Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho...
Critical
Unreviewed
CVE-2020-21642
was published
Aug 16, 2022
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by...
Critical
Unreviewed
CVE-2019-13551
was published
May 24, 2022
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20...
Critical
Unreviewed
CVE-2022-1664
was published
May 27, 2022
Alist vulnerable to Path Traversal
Critical
CVE-2022-45969
was published
for
github.com/alist-org/alist/v3
(Go)
Dec 16, 2022
A vulnerability classified as critical has been found in Calsign APDE. This affects the function...
Critical
Unreviewed
CVE-2020-36628
was published
Dec 25, 2022
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter...
Critical
Unreviewed
CVE-2022-23357
was published
Feb 8, 2022
elFinder before 2.1.59 contains multiple vulnerabilities leading to RCE
Critical
CVE-2021-32682
was published
for
studio-42/elfinder
(Composer)
Jun 16, 2021
Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to...
Critical
Unreviewed
CVE-2020-12315
was published
May 24, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an...
Critical
Unreviewed
CVE-2022-38418
was published
Oct 15, 2022
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of...
Critical
Unreviewed
CVE-2020-27160
was published
May 24, 2022
SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated...
Critical
Unreviewed
CVE-2020-26837
was published
May 24, 2022
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it...
Critical
Unreviewed
CVE-2020-29600
was published
May 24, 2022
A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6....
Critical
Unreviewed
CVE-2018-19945
was published
May 24, 2022
A directory traversal vulnerability in file upload function of Gotenberg through 6.2.1 allows an...
Critical
Unreviewed
CVE-2020-13450
was published
May 24, 2022
Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote...
Critical
Unreviewed
CVE-2020-28187
was published
May 24, 2022
Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 allows remote attackers to...
Critical
Unreviewed
CVE-2020-36052
was published
May 24, 2022
Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered...
Critical
Unreviewed
CVE-2022-28814
was published
Sep 29, 2022
Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions...
Critical
Unreviewed
CVE-2020-8271
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API