GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
684 advisories
Filter by severity
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG...
Critical
Unreviewed
CVE-2018-6677
was published
May 13, 2022
X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack...
Critical
Unreviewed
CVE-2018-3822
was published
May 13, 2022
NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname...
Critical
Unreviewed
CVE-2018-17934
was published
May 13, 2022
Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an...
Critical
Unreviewed
CVE-2018-14806
was published
May 13, 2022
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,...
Critical
Unreviewed
CVE-2018-10589
was published
May 13, 2022
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall...
Critical
Unreviewed
CVE-2018-0426
was published
May 13, 2022
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could...
Critical
Unreviewed
CVE-2018-0258
was published
May 13, 2022
In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A:...
Critical
Unreviewed
CVE-2017-9664
was published
May 13, 2022
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has...
Critical
Unreviewed
CVE-2017-16720
was published
May 13, 2022
On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1...
Critical
Unreviewed
CVE-2017-11589
was published
May 13, 2022
An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality,...
Critical
Unreviewed
CVE-2017-5219
was published
May 13, 2022
The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a...
Critical
Unreviewed
CVE-2017-5539
was published
May 13, 2022
An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1...
Critical
Unreviewed
CVE-2018-10824
was published
May 13, 2022
BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which...
Critical
Unreviewed
CVE-2022-25591
was published
May 14, 2022
Path Traversal in Apache Struts
Critical
CVE-2016-6795
was published
for
org.apache.struts:struts2-convention-plugin
(Maven)
May 14, 2022
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory...
Critical
Unreviewed
CVE-2018-16858
was published
May 14, 2022
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0...
Critical
Unreviewed
CVE-2018-8780
was published
May 14, 2022
An issue was discovered in BlogEngine.NET through 3.3.6.0. A path traversal and Local File...
Critical
Unreviewed
CVE-2019-6714
was published
May 14, 2022
Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8...
Critical
Unreviewed
CVE-2017-17108
was published
May 14, 2022
IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. An...
Critical
Unreviewed
CVE-2019-4178
was published
May 14, 2022
Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes...
Critical
Unreviewed
CVE-2015-7669
was published
May 14, 2022
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and...
Critical
Unreviewed
CVE-2015-8352
was published
May 14, 2022
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly...
Critical
Unreviewed
CVE-2019-10945
was published
May 14, 2022
Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability...
Critical
Unreviewed
CVE-2018-19586
was published
May 14, 2022
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files...
Critical
Unreviewed
CVE-2018-14847
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API