Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,335
Erlang
31
GitHub Actions
22
Go
2,096
Maven
5,000+
npm
3,762
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,736 advisories

Loading
Path traversal in Jenkins Pipeline Phoenix AutoTest Plugin Moderate
CVE-2022-28157 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
The String locator WordPress plugin before 2.5.0 does not properly validate the path of the files... Moderate Unreviewed
CVE-2022-0493 was published Mar 29, 2022
aaPanel v6.8.21 was discovered to be vulnerable to directory traversal. This vulnerability allows... Moderate Unreviewed
CVE-2022-26252 was published Mar 28, 2022
Mendelson OFTP2 before 1.1 b43 is affected by directory traversal. To access the vulnerable code... Moderate Unreviewed
CVE-2022-27906 was published Mar 26, 2022
Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal... Moderate Unreviewed
CVE-2022-25266 was published Mar 25, 2022
Path traversal allows leaking out-of-bound files from Argo CD repo-server Moderate
CVE-2022-24731 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt
Path Traversal in Spring-integration-zip Moderate
CVE-2021-22114 was published for org.springframework.integration:spring-integration-zip (Maven) Mar 18, 2022
pgAdmin 4 Path Traversal vulnerability Moderate
CVE-2022-0959 was published for pgadmin4 (pip) Mar 17, 2022
Arbitrary JSON and property file read vulnerability in Jenkins Extended Choice Parameter Plugin Moderate
CVE-2022-27203 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins kubernetes-cd Plugin Moderate
CVE-2022-27208 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) Mar 16, 2022
NotMyFault
Path Traversal in Gitea Moderate
CVE-2021-29134 was published for code.gitea.io/gitea (Go) Mar 16, 2022
The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as... Moderate Unreviewed
CVE-2021-24692 was published Mar 15, 2022
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal. Moderate Unreviewed
CVE-2022-26276 was published Mar 13, 2022
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA)... Moderate Unreviewed
CVE-2021-42857 was published Mar 11, 2022
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions... Moderate Unreviewed
CVE-2022-21132 was published Mar 11, 2022
An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and... Moderate Unreviewed
CVE-2022-26484 was published Mar 5, 2022
Multiple relative path traversal vulnerabilities [CWE-23] in FortiWLM management interface 8.6.2... Moderate Unreviewed
CVE-2021-43070 was published Mar 3, 2022
The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high... Moderate Unreviewed
CVE-2021-24689 was published Mar 1, 2022
The Cost Calculator WordPress plugin through 1.4 allows users with a role as low as Contributor... Moderate Unreviewed
CVE-2021-24820 was published Mar 1, 2022
qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified... Moderate Unreviewed
CVE-2022-26315 was published Mar 1, 2022
IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path... Moderate Unreviewed
CVE-2022-22349 was published Feb 25, 2022
There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the... Moderate Unreviewed
CVE-2022-23135 was published Feb 25, 2022
A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when... Moderate Unreviewed
CVE-2021-44665 was published Feb 25, 2022
Path traversal in pimcore Moderate
CVE-2022-0665 was published for pimcore/pimcore (Composer) Feb 23, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database