GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,174 advisories
Improper Limitation of a Pathname to a Restricted Directory in Zip4j
Moderate. CVE-2018-1002202 was published for net.lingala.zip4j:zip4j (Maven), May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in JBoss Undertow
Moderate. CVE-2014-7816 was published for io.undertow:undertow-core (Maven), May 17, 2022

Improper Limitation of a Pathname to a Restricted Directory in WildFly
Moderate. CVE-2018-10862 was published for org.wildfly.core:wildfly-server (Maven), May 14, 2022

The Ultimate Member plugin for WordPress is vulnerable to directory traversal in versions up to,...
Moderate. Unreviewed. CVE-2022-3361 was published Nov 29, 2022

Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver
Moderate. CVE-2018-1002200 was published for org.codehaus.plexus:plexus-archiver (Maven), May 13, 2022

An exploitable directory traversal vulnerability exists in the web management interface used by...
Moderate. Unreviewed. CVE-2017-2829 was published May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
Moderate. CVE-2018-1002208 was published for SharpZipLib (NuGet), May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
Moderate. CVE-2015-5531 was published for org.elasticsearch:elasticsearch (Maven), May 14, 2022

Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch
Moderate. CVE-2016-5725 was published for com.jcraft:jsch (Maven), May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in zt-zip
Moderate. CVE-2018-1002201 was published for org.zeroturnaround:zt-zip (Maven), May 13, 2022

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal...
Moderate. Unreviewed. CVE-2021-41551 was published Jan 19, 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco...
Moderate. Unreviewed. CVE-2022-20721 was published Apr 16, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager ...
Moderate. Unreviewed. CVE-2022-20790 was published Apr 22, 2022

Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and...
Moderate. Unreviewed. CVE-2010-2850 was published May 17, 2022

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014...
Moderate. Unreviewed. CVE-2015-3940 was published May 17, 2022

Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1...
Moderate. Unreviewed. CVE-2010-2920 was published May 17, 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco...
Moderate. Unreviewed. CVE-2022-20722 was published Apr 16, 2022

Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to...
Moderate. Unreviewed. CVE-2022-28544 was published Apr 12, 2022

A highly privileged remote attacker, can gain unauthorized access to display contents of...
Moderate. Unreviewed. CVE-2022-27657 was published Apr 13, 2022

A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST...
Moderate. Unreviewed. CVE-2021-37293 was published Apr 12, 2022

A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow...
Moderate. Unreviewed. CVE-2021-41026 was published Apr 7, 2022

Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to...
Moderate. Unreviewed. CVE-2022-28543 was published Apr 12, 2022

A directory traversal vulnerability in IdeaRE RefTree before 2021.09.17 allows remote...
Moderate. Unreviewed. CVE-2022-27248 was published Apr 5, 2022

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/...
Moderate. Unreviewed. CVE-2022-1166 was published Apr 5, 2022

An Archive Extraction (AKA "Zip Slip) vulnerability exists in bbs 5.3 in the UpgradeNow function...
Moderate. Unreviewed. CVE-2021-43099 was published Mar 30, 2022

ProTip! Advisories are also available from the GraphQL API