GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,015 advisories
A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix...
High
Unreviewed
CVE-2021-21885
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FSBrowsePage functionality of...
Moderate
Unreviewed
CVE-2021-21886
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix...
Critical
Unreviewed
CVE-2021-21894
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix...
High
Unreviewed
CVE-2021-21895
was published
Dec 23, 2021
A directory traversal vulnerability exists in the Web Manager FsBrowseClean functionality of...
Moderate
Unreviewed
CVE-2021-21896
was published
Dec 23, 2021
A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal...
High
Unreviewed
CVE-2021-21904
was published
Dec 23, 2021
A directory traversal vulnerability exists in the CMA CLI getenv command functionality of Garrett...
Moderate
Unreviewed
CVE-2021-21907
was published
Dec 23, 2021
Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log...
High
Unreviewed
CVE-2021-21909
was published
Dec 23, 2021
Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete...
Moderate
Unreviewed
CVE-2021-21908
was published
Dec 23, 2021
Chain Sea ai chatbot system’s specific file download function has path traversal vulnerability....
High
Unreviewed
CVE-2021-44162
was published
Dec 21, 2021
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the pathname of the emulator...
High
Unreviewed
CVE-2021-32498
was published
Dec 18, 2021
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2021-3960
was published
Dec 17, 2021
HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via...
High
Unreviewed
CVE-2021-45043
was published
Dec 16, 2021
A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11),...
High
Unreviewed
CVE-2021-41547
was published
Dec 15, 2021
A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00...
Moderate
Unreviewed
CVE-2021-42022
was published
Dec 15, 2021
The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive...
High
Unreviewed
CVE-2021-39312
was published
Dec 15, 2021
SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insufficient validation of path...
High
Unreviewed
CVE-2021-44232
was published
Dec 15, 2021
Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read...
Moderate
Unreviewed
CVE-2021-40858
was published
Dec 14, 2021
The All-in-One Video Gallery WordPress plugin before 2.5.0 does not sanitise and validate the tab...
High
Unreviewed
CVE-2021-24970
was published
Dec 14, 2021
Directory traversal vulnerability in /admin/includes/* directory for PHPGURUKUL Employee Record...
High
Unreviewed
CVE-2021-44965
was published
Dec 14, 2021
Zip Slip vulnerability in Pluck-CMS Pluck 4.7.15 allows an attacker to upload specially crafted...
Critical
Unreviewed
CVE-2021-31746
was published
Dec 11, 2021
A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0...
High
Unreviewed
CVE-2021-41449
was published
Dec 10, 2021
KNIME Server before 4.13.4 allows directory traversal in a request for a client profile.
High
Unreviewed
CVE-2021-44725
was published
Dec 9, 2021
A relative path traversal vulnerability in the SMA100 upload function allows a remote...
High
Unreviewed
CVE-2021-20040
was published
Dec 9, 2021
A relative path traversal [CWE-23] vulnerability in FortiOS versions 7.0.0 and 7.0.1 and...
High
Unreviewed
CVE-2021-41024
was published
Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API.