Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,651
Maven
5,000+
npm
4,279
NuGet
760
pip
4,066
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,362 advisories

Loading
Directory Traversal in nodeload-nmickuli High
GHSA-wmcq-3wfx-qjx5 was published for nodeload-nmickuli (npm) Sep 1, 2020
Hidden Directories Always Served in inert Moderate
CVE-2014-10068 was published for inert (npm) Aug 31, 2020
Directory Traversal in fancy-server High
CVE-2014-10066 was published for fancy-server (npm) Aug 31, 2020
Directory Traversal vulnerability in Square Retrofit High
CVE-2018-1000850 was published for com.squareup.retrofit2:retrofit (Maven) Dec 21, 2018
Path Traversal in cordova-plugin-ionic-webview High
CVE-2018-16202 was published for cordova-plugin-ionic-webview (npm) Feb 12, 2019
Path Traversal in socket.io-file High
CVE-2020-15779 was published for socket.io-file (npm) Jul 7, 2020
Directory traversal in Apache RocketMQ Moderate
CVE-2019-17572 was published for org.apache.rocketmq:rocketmq-broker (Maven) Jul 1, 2020
Directory Traversal in send Low
CVE-2014-6394 was published for send (npm) Oct 24, 2017
Directory Traversal in serve High
CVE-2019-5417 was published for serve (npm) Mar 25, 2019
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal High
CVE-2018-17297 was published for cn.hutool:hutool-all (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-11762 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf Moderate
CVE-2019-0191 was published for org.apache.karaf:apache-karaf (Maven) Mar 25, 2019
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI High
CVE-2016-9177 was published for com.sparkjava:spark-core (Maven) Oct 4, 2018
Directory traversal vulnerability in Next.js High
CVE-2018-6184 was published for next (npm) Jan 24, 2018
Directory Traversal in bitty Moderate
CVE-2016-10561 was published for bitty (npm) Feb 18, 2019
High severity vulnerability that affects gun High
GHSA-886v-mm6p-4m66 was published for gun (npm) Jun 5, 2019
JK0N
Credited to JK0N
Path Traversal in http-live-simulator High
CVE-2018-16479 was published for http-live-simulator (npm) Feb 7, 2019
In blynk-server a Directory Traversal exists High
CVE-2018-17785 was published for com.github.blynkkk:blynk-server (Maven) Oct 17, 2018
Arbitrary File Write in cli Low
CVE-2016-10538 was published for cli (npm) Feb 18, 2019
Path Traversal in http-live-simulator High
CVE-2019-5423 was published for http-live-simulator (npm) Apr 8, 2019
High severity vulnerability that affects org.dspace:dspace-xmlui High
CVE-2016-10726 was published for org.dspace:dspace-xmlui (Maven) Oct 19, 2018
Path Traversal in total.js High
CVE-2019-8903 was published for total.js (npm) Feb 20, 2019
Directory Traversal in geddy High
CVE-2015-5688 was published for geddy (npm) Oct 24, 2017
Moderate severity vulnerability that affects com.sparkjava:spark-core Moderate
CVE-2018-9159 was published for com.sparkjava:spark-core (Maven) Oct 19, 2018
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7652 was published for snyk-broker (npm) Jun 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database