GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
126 advisories
Filter by severity
Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to...
Low
Unreviewed
CVE-2022-28784
was published
May 4, 2022
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat...
Low
Unreviewed
CVE-2005-1918
was published
May 3, 2022
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3...
Low
Unreviewed
CVE-2010-0926
was published
May 2, 2022
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for...
Low
Unreviewed
CVE-2010-0801
was published
May 2, 2022
Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is...
Low
Unreviewed
CVE-2009-4116
was published
May 2, 2022
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is...
Low
Unreviewed
CVE-2009-0286
was published
May 2, 2022
Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is...
Low
Unreviewed
CVE-2008-1696
was published
May 1, 2022
Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote...
Low
Unreviewed
CVE-2008-1371
was published
May 1, 2022
Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read...
Low
Unreviewed
CVE-2008-0822
was published
May 1, 2022
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote...
Low
Unreviewed
CVE-2008-0819
was published
May 1, 2022
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote...
Low
Unreviewed
CVE-2007-5731
was published
May 1, 2022
Apache Tomcat Path Traversal Vulnerability
Low
CVE-2007-5461
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3...
Low
Unreviewed
CVE-2007-4271
was published
May 1, 2022
Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list...
Low
Unreviewed
CVE-2007-1773
was published
May 1, 2022
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with "....
Low
Unreviewed
CVE-2006-0950
was published
May 1, 2022
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote...
Low
Unreviewed
CVE-2004-2717
was published
Apr 29, 2022
Path traversal in github.com/cloudflare/cfrpki/cmd/octorpki
Low
GHSA-8459-6rc9-8vf8
was published
for
github.com/cloudflare/cfrpki
(Go)
Feb 14, 2022
Plugin archive directory traversal in Helm
Low
CVE-2020-4053
was published
for
helm.sh/helm/v3
(Go)
Jun 23, 2021
Path traversal in Node-Red
Low
CVE-2021-21298
was published
for
@node-red/runtime
(npm)
Feb 26, 2021
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request
Low
CVE-2020-15239
was published
for
xmpp-http-upload
(pip)
Oct 6, 2020
Path Traversal in openapi-python-client
Low
CVE-2020-15141
was published
for
openapi-python-client
(pip)
Aug 20, 2020
Malicious URL drafting attack against iodines static file server may allow path traversal
Low
CVE-2024-22050
was published
for
iodine
(RubyGems)
Oct 7, 2019
Puppet vulnerable to Path Traversal
Low
CVE-2012-3865
was published
for
puppet
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API