Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,611
NuGet
638
pip
3,209
Pub
10
RubyGems
853
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,619 advisories

Loading
Path Traversal in angular-http-server High
GHSA-vmhw-fhj6-m3g5 was published for angular-http-server (npm) May 31, 2019
Directory Traversal in ltt.js High
GHSA-6qh5-wx38-q92g was published for ltt.js (npm) May 30, 2019
Path Traversal in localhost-now High
GHSA-73cw-jxmm-qpgh was published for localhost-now (npm) Jun 11, 2019
Directory Traversal in lactate High
GHSA-68gr-cmcp-g3mj was published for lactate (npm) Jun 14, 2019
Path Traversal in serve-here.js High
GHSA-g8m7-qhv7-9h5x was published for serve-here (npm) Jul 5, 2019
Path Traversal in algo-httpserv High
GHSA-cgjv-rghq-qhgp was published for algo-httpserv (npm) Sep 11, 2019
Arbitrary File Write in iobroker.js-controller High
CVE-2019-10767 was published for iobroker.js-controller (npm) Dec 2, 2019
Directory Traversal in geddy High
CVE-2015-5688 was published for geddy (npm) Oct 24, 2017
Path Traversal in total.js High
CVE-2019-8903 was published for total.js (npm) Feb 20, 2019
High severity vulnerability that affects org.dspace:dspace-xmlui High
CVE-2016-10726 was published for org.dspace:dspace-xmlui (Maven) Oct 19, 2018
Path Traversal in http-live-simulator High
CVE-2019-5423 was published for http-live-simulator (npm) Apr 8, 2019
High severity vulnerability that affects DotNetZip High
CVE-2018-1002205 was published for DotNetZip (NuGet) Oct 16, 2018
In blynk-server a Directory Traversal exists High
CVE-2018-17785 was published for com.github.blynkkk:blynk-server (Maven) Oct 17, 2018
Path Traversal in http-live-simulator High
CVE-2018-16479 was published for http-live-simulator (npm) Feb 7, 2019
High severity vulnerability that affects gun High
GHSA-886v-mm6p-4m66 was published for gun (npm) Jun 5, 2019
JK0N
Directory traversal vulnerability in Next.js High
CVE-2018-6184 was published for next (npm) Jan 24, 2018
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI High
CVE-2016-9177 was published for com.sparkjava:spark-core (Maven) Oct 4, 2018
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal High
CVE-2018-17297 was published for cn.hutool:hutool-all (Maven) Oct 17, 2018
Directory Traversal in serve High
CVE-2019-5417 was published for serve (npm) Mar 25, 2019
Path Traversal in socket.io-file High
CVE-2020-15779 was published for socket.io-file (npm) Jul 7, 2020
Path Traversal in cordova-plugin-ionic-webview High
CVE-2018-16202 was published for cordova-plugin-ionic-webview (npm) Feb 12, 2019
Directory Traversal vulnerability in Square Retrofit High
CVE-2018-1000850 was published for com.squareup.retrofit2:retrofit (Maven) Dec 21, 2018
Directory Traversal in fancy-server High
CVE-2014-10066 was published for fancy-server (npm) Aug 31, 2020
Directory Traversal in nodeload-nmickuli High
GHSA-wmcq-3wfx-qjx5 was published for nodeload-nmickuli (npm) Sep 1, 2020
Path Traversal in bruteser High
GHSA-v7cp-5326-54fh was published for bruteser (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API