GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,809 advisories
Filter by severity
Path Traversal in angular-http-server
High
GHSA-vmhw-fhj6-m3g5
was published
for
angular-http-server
(npm)
May 31, 2019
Path Traversal in localhost-now
High
GHSA-73cw-jxmm-qpgh
was published
for
localhost-now
(npm)
Jun 11, 2019
Directory Traversal in lactate
High
GHSA-68gr-cmcp-g3mj
was published
for
lactate
(npm)
Jun 14, 2019
Path Traversal in serve-here.js
High
GHSA-g8m7-qhv7-9h5x
was published
for
serve-here
(npm)
Jul 5, 2019
Path Traversal in algo-httpserv
High
GHSA-cgjv-rghq-qhgp
was published
for
algo-httpserv
(npm)
Sep 11, 2019
Arbitrary File Write in iobroker.js-controller
High
CVE-2019-10767
was published
for
iobroker.js-controller
(npm)
Dec 2, 2019
High severity vulnerability that affects org.dspace:dspace-xmlui
High
CVE-2016-10726
was published
for
org.dspace:dspace-xmlui
(Maven)
Oct 19, 2018
Path Traversal in http-live-simulator
High
CVE-2019-5423
was published
for
http-live-simulator
(npm)
Apr 8, 2019
High severity vulnerability that affects DotNetZip
High
CVE-2018-1002205
was published
for
DotNetZip
(NuGet)
Oct 16, 2018
In blynk-server a Directory Traversal exists
High
CVE-2018-17785
was published
for
com.github.blynkkk:blynk-server
(Maven)
Oct 17, 2018
Path Traversal in http-live-simulator
High
CVE-2018-16479
was published
for
http-live-simulator
(npm)
Feb 7, 2019
High severity vulnerability that affects gun
High
GHSA-886v-mm6p-4m66
was published
for
gun
(npm)
Jun 5, 2019
Directory traversal vulnerability in Next.js
High
CVE-2018-6184
was published
for
next
(npm)
Jan 24, 2018
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI
High
CVE-2016-9177
was published
for
com.sparkjava:spark-core
(Maven)
Oct 4, 2018
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal
High
CVE-2018-17297
was published
for
cn.hutool:hutool-all
(Maven)
Oct 17, 2018
Path Traversal in socket.io-file
High
CVE-2020-15779
was published
for
socket.io-file
(npm)
Jul 7, 2020
Path Traversal in cordova-plugin-ionic-webview
High
CVE-2018-16202
was published
for
cordova-plugin-ionic-webview
(npm)
Feb 12, 2019
Directory Traversal vulnerability in Square Retrofit
High
CVE-2018-1000850
was published
for
com.squareup.retrofit2:retrofit
(Maven)
Dec 21, 2018
Directory Traversal in fancy-server
High
CVE-2014-10066
was published
for
fancy-server
(npm)
Aug 31, 2020
Directory Traversal in nodeload-nmickuli
High
GHSA-wmcq-3wfx-qjx5
was published
for
nodeload-nmickuli
(npm)
Sep 1, 2020
ProTip!
Advisories are also available from the
GraphQL API