Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,070
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,628
NuGet
638
pip
3,240
Pub
10
RubyGems
858
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
Directory Traversal in send Low
CVE-2014-6394 was published for send (npm) Oct 24, 2017
Puppet vulnerable to Path Traversal Low
CVE-2012-3865 was published for puppet (RubyGems) Oct 24, 2017
Arbitrary File Write in cli Low
CVE-2016-10538 was published for cli (npm) Feb 18, 2019
Malicious URL drafting attack against iodines static file server may allow path traversal Low
CVE-2024-22050 was published for iodine (RubyGems) Oct 7, 2019
Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request Low
CVE-2020-15239 was published for xmpp-http-upload (pip) Oct 6, 2020
ChristianTacke
Path traversal in Node-Red Low
CVE-2021-21298 was published for @node-red/runtime (npm) Feb 26, 2021
Plugin archive directory traversal in Helm Low
CVE-2020-4053 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
snoopysecurity
Path traversal in github.com/cloudflare/cfrpki/cmd/octorpki Low
GHSA-8459-6rc9-8vf8 was published for github.com/cloudflare/cfrpki (Go) Feb 14, 2022
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote... Low Unreviewed
CVE-2004-2717 was published Apr 29, 2022
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".... Low Unreviewed
CVE-2006-0950 was published May 1, 2022
Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list... Low Unreviewed
CVE-2007-1773 was published May 1, 2022
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3... Low Unreviewed
CVE-2007-4271 was published May 1, 2022
Apache Tomcat Path Traversal Vulnerability Low
CVE-2007-5461 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote... Low Unreviewed
CVE-2007-5731 was published May 1, 2022
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote... Low Unreviewed
CVE-2008-0819 was published May 1, 2022
Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read... Low Unreviewed
CVE-2008-0822 was published May 1, 2022
Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote... Low Unreviewed
CVE-2008-1371 was published May 1, 2022
Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is... Low Unreviewed
CVE-2008-1696 was published May 1, 2022
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is... Low Unreviewed
CVE-2009-0286 was published May 2, 2022
Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is... Low Unreviewed
CVE-2009-4116 was published May 2, 2022
Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for... Low Unreviewed
CVE-2010-0801 was published May 2, 2022
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3... Low Unreviewed
CVE-2010-0926 was published May 2, 2022
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat... Low Unreviewed
CVE-2005-1918 was published May 3, 2022
Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to... Low Unreviewed
CVE-2022-28784 was published May 4, 2022
ProTip! Advisories are also available from the GraphQL API