Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,732 advisories

Loading
Directory Traversal in serverliujiayi1 High
CVE-2017-16095 was published for serverliujiayi1 (npm) Sep 1, 2020
Directory Traversal in serverhuwenhui High
CVE-2017-16102 was published for serverhuwenhui (npm) Sep 1, 2020
Directory Traversal in serverlyr High
CVE-2017-16089 was published for serverlyr (npm) Sep 1, 2020
Directory Traversal in serverwg High
CVE-2017-16101 was published for serverwg (npm) Sep 1, 2020
Directory Traversal in serverwzl High
CVE-2017-16105 was published for serverwzl (npm) Sep 1, 2020
Directory Traversal in serveryaozeyan High
CVE-2017-16096 was published for serveryaozeyan (npm) Sep 1, 2020
Directory Traversal in serveryztyzt High
CVE-2017-16103 was published for serveryztyzt (npm) Sep 1, 2020
Directory Traversal in fsk-server High
CVE-2017-16090 was published for fsk-server (npm) Sep 1, 2020
Directory Traversal in tiny-http High
CVE-2017-16097 was published for tiny-http (npm) Sep 1, 2020
Directory Traversal in xtalk High
CVE-2017-16091 was published for xtalk (npm) Sep 1, 2020
fury-adapter-swagger allows arbitrary file read from system High
CVE-2016-1000249 was published for fury-adapter-swagger (npm) Sep 1, 2020
Directory Traversal in st High
CVE-2014-3744 was published for st (npm) Aug 31, 2020
Directory Traversal in fancy-server High
CVE-2014-10066 was published for fancy-server (npm) Aug 31, 2020
Directory traversal in rollup-plugin-server High
CVE-2020-7686 was published for rollup-plugin-server (npm) Jul 29, 2020
Directory traversal in rollup-plugin-server High
CVE-2020-7683 was published for rollup-plugin-server (npm) Jul 29, 2020
Directory traversal in fast-http High
CVE-2020-7687 was published for fast-http (npm) Jul 27, 2020
Path Traversal in socket.io-file High
CVE-2020-15779 was published for socket.io-file (npm) Jul 7, 2020
Directory traversal in Rack::Directory app bundled with Rack High
CVE-2020-8161 was published for rack (RubyGems) Jul 6, 2020
Directory traversal attack in Spring Cloud Config High
CVE-2020-5410 was published for org.springframework.cloud:spring-cloud-config-server (Maven) Jun 5, 2020
Cross-Site Scripting in http_server High
CVE-2019-15600 was published for http_server (npm) Mar 31, 2020
Relative Path Traversal (CWE-23) in chunked uploads in oneup/uploader-bundle High
CVE-2020-5237 was published for oneup/uploader-bundle (Composer) Feb 18, 2020
npm Vulnerable to Global node_modules Binary Overwrite High
CVE-2019-16777 was published for npm (npm) Dec 13, 2019
DanielRuf
npm symlink reference outside of node_modules High
CVE-2019-16776 was published for npm (npm) Dec 13, 2019
DanielRuf
Arbitrary File Write in iobroker.js-controller High
CVE-2019-10767 was published for iobroker.js-controller (npm) Dec 2, 2019
Path traversal attack on Windows platforms High
CVE-2019-0207 was published for org.apache.tapestry:tapestry-core (Maven) Nov 18, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database