Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,171 advisories

Loading
Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record... High Unreviewed
CVE-2021-44965 was published Dec 14, 2021
Zip Slip vulnerability in Pluck-CMS Pluck 4.7.15 allows an attacker to upload specially crafted... Critical Unreviewed
CVE-2021-31746 was published Dec 11, 2021
A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0... High Unreviewed
CVE-2021-41449 was published Dec 10, 2021
KNIME Server before 4.13.4 allows directory traversal in a request for a client profile. High Unreviewed
CVE-2021-44725 was published Dec 9, 2021
A relative path traversal vulnerability in the SMA100 upload funtion allows a remote... High Unreviewed
CVE-2021-20040 was published Dec 9, 2021
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and... High Unreviewed
CVE-2021-41024 was published Dec 9, 2021
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows... High Unreviewed
CVE-2021-25511 was published Dec 9, 2021
There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei... Critical Unreviewed
CVE-2021-37064 was published Dec 8, 2021
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37087 was published Dec 8, 2021
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37088 was published Dec 8, 2021
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-37099 was published Dec 8, 2021
The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied ... High Unreviewed
CVE-2021-43176 was published Dec 8, 2021
** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is affected by a path manipulation... Critical Unreviewed
CVE-2021-43674 was published Dec 4, 2021
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote... High Unreviewed
CVE-2021-43358 was published Dec 2, 2021
An unspecified version of tripexpress is affected by a path manipulation vulnerability in file... Critical Unreviewed
CVE-2021-43691 was published Nov 30, 2021
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of... Moderate Unreviewed
CVE-2021-37023 was published Nov 24, 2021
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter... High Unreviewed
CVE-2021-24644 was published Nov 24, 2021
The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote... High Unreviewed
CVE-2021-38146 was published Nov 23, 2021
OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive,... Moderate Unreviewed
CVE-2021-33491 was published Nov 23, 2021
Using the parameter of getPFXFolderList function, attackers can see the information of... Critical Unreviewed
CVE-2020-7882 was published Nov 23, 2021
It was discovered that on Windows operating systems specifically, Kibana was not validating a... Moderate Unreviewed
CVE-2021-37938 was published Nov 19, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database