Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

551 advisories

Loading
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core High
CVE-2017-3163 was published for org.apache.solr:solr-core (Maven) Oct 18, 2018
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal High
CVE-2018-17297 was published for cn.hutool:hutool-all (Maven) Oct 17, 2018
In blynk-server a Directory Traversal exists High
CVE-2018-17785 was published for com.github.blynkkk:blynk-server (Maven) Oct 17, 2018
High severity vulnerability that affects DotNetZip High
CVE-2018-1002205 was published for DotNetZip (NuGet) Oct 16, 2018
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized High
CVE-2016-9878 was published for org.springframework:spring-webmvc (Maven) Oct 4, 2018
sunSUNQ
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI High
CVE-2016-9177 was published for com.sparkjava:spark-core (Maven) Oct 4, 2018
Path Traversal in buttle High
CVE-2018-3766 was published for buttle (npm) Sep 18, 2018
simplehttpserver allows directory traversal and file listing High
CVE-2018-3787 was published for simplehttpserver (npm) Sep 6, 2018
Directory Traversal in ritp High
CVE-2017-16198 was published for ritp (npm) Aug 6, 2018
Path Traversal in mcstatic High
CVE-2018-3730 was published for mcstatic (npm) Jul 27, 2018
Directory Traversal in cyber-js High
CVE-2017-16093 was published for cyber-js (npm) Jul 27, 2018
Path Traversal in hekto High
CVE-2018-3725 was published for hekto (npm) Jul 26, 2018
Path Traversal in general-file-server High
CVE-2018-3724 was published for general-file-server (npm) Jul 26, 2018
Path Traversal in localhost-now High
CVE-2018-3729 was published for localhost-now (npm) Jul 25, 2018
Directory Traversal in node-simple-router High
CVE-2017-16083 was published for node-simple-router (npm) Jul 24, 2018
Directory Traversal in f2e-server High
CVE-2017-16038 was published for f2e-server (npm) Jul 24, 2018
Directory Traversal in hftp High
CVE-2017-16039 was published for hftp (npm) Jul 24, 2018
Directory Traversal in gomeplus-h5-proxy High
CVE-2017-16037 was published for gomeplus-h5-proxy (npm) Jul 24, 2018
Directory Traversal in badjs-sourcemap-server High
CVE-2017-16036 was published for badjs-sourcemap-server (npm) Jul 24, 2018
Directory Traversal in tinyserver2 High
CVE-2017-16085 was published for tinyserver2 (npm) Jul 24, 2018
Directory Traversal in list-n-stream High
CVE-2017-16084 was published for list-n-stream (npm) Jul 24, 2018
Directory Traversal in iter-http High
CVE-2017-16094 was published for iter-http (npm) Jul 24, 2018
Directory Traversal in sencisho High
CVE-2017-16092 was published for sencisho (npm) Jul 24, 2018
Directory traversal in pooledwebsocket High
CVE-2017-16107 was published for pooledwebsocket (npm) Jul 24, 2018
Directory Traversal in citypredict.whauwiller High
CVE-2017-16104 was published for citypredict.whauwiller (npm) Jul 24, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database