GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
214 advisories
Filter by severity
HashBrown CMS Directory Traversal
High
CVE-2020-5840
was published
for
hashbrown-cms
(npm)
May 24, 2022
jqueryFileTree vulnerable to Directory Traversal
High
CVE-2017-1000170
was published
for
jqueryfiletree
(npm)
May 13, 2022
Path Traversal: 'dir/../../filename' in moment.locale
High
CVE-2022-24785
was published
for
Moment.js
(npm)
Apr 4, 2022
Path Traversal in @finastra/ssr-pages
High
CVE-2022-24718
was published
for
@finastra/ssr-pages
(npm)
Mar 1, 2022
Path Traversal in convert-svg packages
High
CVE-2021-23631
was published
for
convert-svg-core
(npm)
Jan 27, 2022
Path Traversal in http-server-node
High
CVE-2021-23797
was published
for
http-server-node
(npm)
Jan 5, 2022
Path Traversal in @backstage/plugin-scaffolder-backend
High
CVE-2021-43783
was published
for
@backstage/plugin-scaffolder-backend
(npm)
Dec 1, 2021
Directory Traversal in startserver
High
CVE-2021-23430
was published
for
startserver
(npm)
Sep 2, 2021
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
High
CVE-2021-37701
was published
for
tar
(npm)
Aug 31, 2021
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
High
CVE-2021-37712
was published
for
tar
(npm)
Aug 31, 2021
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization
High
CVE-2021-37713
was published
for
tar
(npm)
Aug 31, 2021
Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
High
CVE-2021-32804
was published
for
tar
(npm)
Aug 3, 2021
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
High
CVE-2021-32803
was published
for
tar
(npm)
Aug 3, 2021
Path Traversal in browserless-chrome
High
CVE-2020-7758
was published
for
browserless-chrome
(npm)
May 10, 2021
Path Traversal in node-red-contrib-huemagic
High
CVE-2021-25864
was published
for
node-red-contrib-huemagic
(npm)
Apr 13, 2021
Path traversal in Node-RED-Dashboard
High
CVE-2021-3223
was published
for
node-red-dashboard
(npm)
Jan 29, 2021
Arbitrary File Read in phantom-html-to-pdf
High
CVE-2020-7763
was published
for
phantom-html-to-pdf
(npm)
Nov 6, 2020
ProTip!
Advisories are also available from the
GraphQL API