Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,197 advisories

Loading
Directory Traversal in serverhuwenhui High
CVE-2017-16102 was published for serverhuwenhui (npm) Sep 1, 2020
Directory Traversal in serverlyr High
CVE-2017-16089 was published for serverlyr (npm) Sep 1, 2020
Directory Traversal in serverwg High
CVE-2017-16101 was published for serverwg (npm) Sep 1, 2020
Directory Traversal in serverwzl High
CVE-2017-16105 was published for serverwzl (npm) Sep 1, 2020
Directory Traversal in serveryaozeyan High
CVE-2017-16096 was published for serveryaozeyan (npm) Sep 1, 2020
Directory Traversal in serveryztyzt High
CVE-2017-16103 was published for serveryztyzt (npm) Sep 1, 2020
Directory Traversal in fsk-server High
CVE-2017-16090 was published for fsk-server (npm) Sep 1, 2020
Directory Traversal in tiny-http High
CVE-2017-16097 was published for tiny-http (npm) Sep 1, 2020
Directory Traversal in xtalk High
CVE-2017-16091 was published for xtalk (npm) Sep 1, 2020
fury-adapter-swagger allows arbitrary file read from system High
CVE-2016-1000249 was published for fury-adapter-swagger (npm) Sep 1, 2020
Directory Traversal in st High
CVE-2014-3744 was published for st (npm) Aug 31, 2020
Hidden Directories Always Served in inert Moderate
CVE-2014-10068 was published for inert (npm) Aug 31, 2020
Directory Traversal in fancy-server High
CVE-2014-10066 was published for fancy-server (npm) Aug 31, 2020
Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
Directory traversal in rollup-plugin-server High
CVE-2020-7686 was published for rollup-plugin-server (npm) Jul 29, 2020
Directory traversal in rollup-plugin-server High
CVE-2020-7683 was published for rollup-plugin-server (npm) Jul 29, 2020
Directory traversal in fast-http High
CVE-2020-7687 was published for fast-http (npm) Jul 27, 2020
Path Traversal in socket.io-file High
CVE-2020-15779 was published for socket.io-file (npm) Jul 7, 2020
Directory traversal in Rack::Directory app bundled with Rack High
CVE-2020-8161 was published for rack (RubyGems) Jul 6, 2020
Directory traversal in Apache RocketMQ Moderate
CVE-2019-17572 was published for org.apache.rocketmq:rocketmq-broker (Maven) Jul 1, 2020
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Directory traversal attack in Spring Cloud Config High
CVE-2020-5410 was published for org.springframework.cloud:spring-cloud-config-server (Maven) Jun 5, 2020
Directory traversal attack in Spring Cloud Config Moderate
CVE-2020-5405 was published for org.springframework.cloud:spring-cloud-config-server (Maven) Jun 5, 2020
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7652 was published for snyk-broker (npm) Jun 3, 2020
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7648 was published for snyk-broker (npm) Jun 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database