Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,030
Erlang
29
GitHub Actions
17
Go
1,837
Maven
5,000+
npm
3,575
NuGet
634
pip
3,161
Pub
10
RubyGems
849
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,875 advisories

Loading
High severity vulnerability that affects DotNetZip High
CVE-2018-1002205 was published for DotNetZip (NuGet) Oct 16, 2018
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized High
CVE-2016-9878 was published for org.springframework:spring-webmvc (Maven) Oct 4, 2018
sunSUNQ
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI High
CVE-2016-9177 was published for com.sparkjava:spark-core (Maven) Oct 4, 2018
Directory Traversal in augustine Moderate
CVE-2017-0930 was published for augustine (npm) Sep 18, 2018
Path Traversal in buttle High
CVE-2018-3766 was published for buttle (npm) Sep 18, 2018
Path Traversal in html-pages Critical
CVE-2018-3744 was published for html-pages (npm) Sep 18, 2018
simplehttpserver allows directory traversal and file listing High
CVE-2018-3787 was published for simplehttpserver (npm) Sep 6, 2018
Directory Traversal in easyquick Moderate
CVE-2017-16109 was published for easyquick (npm) Aug 29, 2018
Directory Traversal in desafio Moderate
CVE-2017-16164 was published for desafio (npm) Aug 6, 2018
Directory Traversal in jikes Moderate
CVE-2017-16139 was published for jikes (npm) Aug 6, 2018
Directory Traversal in elding Moderate
CVE-2017-16222 was published for elding (npm) Aug 6, 2018
Directory Traversal in ritp High
CVE-2017-16198 was published for ritp (npm) Aug 6, 2018
Directory Traversal in serve Moderate
CVE-2018-3712 was published for serve (npm) Jul 27, 2018
tdunlap607
Arbitrary File Write in adm-zip Moderate
CVE-2018-1002204 was published for adm-zip (npm) Jul 27, 2018
Arbitrary File Write via Archive Extraction in unzipper Moderate
CVE-2018-1002203 was published for unzipper (npm) Jul 27, 2018
Path Traversal in mcstatic High
CVE-2018-3730 was published for mcstatic (npm) Jul 27, 2018
Remote Code Execution in markdown-pdf Moderate
CVE-2018-3770 was published for markdown-pdf (npm) Jul 27, 2018
Directory Traversal in cyber-js High
CVE-2017-16093 was published for cyber-js (npm) Jul 27, 2018
Path Traversal in hekto High
CVE-2018-3725 was published for hekto (npm) Jul 26, 2018
Path Traversal in general-file-server High
CVE-2018-3724 was published for general-file-server (npm) Jul 26, 2018
Path Traversal in glance Moderate
CVE-2018-3715 was published for glance (npm) Jul 26, 2018
Path Traversal in node-srv Moderate
CVE-2018-3714 was published for node-srv (npm) Jul 26, 2018
Path Traversal in angular-http-server Moderate
CVE-2018-3713 was published for angular-http-server (npm) Jul 26, 2018
Path Traversal in localhost-now High
CVE-2018-3729 was published for localhost-now (npm) Jul 25, 2018
Directory Traversal in node-simple-router High
CVE-2017-16083 was published for node-simple-router (npm) Jul 24, 2018
ProTip! Advisories are also available from the GraphQL API