GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,508 advisories
Filter by severity
Directory Traversal in intsol-package
High
CVE-2017-16178
was published
for
intsol-package
(npm)
Jul 23, 2018
Directory Traversal in open-device
High
CVE-2017-16187
was published
for
open-device
(npm)
Jul 23, 2018
Directory Traversal in getcityapi.yoehoehne
High
CVE-2017-16192
was published
for
getcityapi.yoehoehne
(npm)
Jul 23, 2018
Directory Traversal in quickserver
High
CVE-2017-16196
was published
for
quickserver
(npm)
Jul 23, 2018
Directory Traversal in jn_jj_server
High
CVE-2017-16210
was published
for
jn_jj_server
(npm)
Jul 23, 2018
Directory Traversal in fbr-client
High
CVE-2017-16217
was published
for
fbr-client
(npm)
Jul 23, 2018
Directory Traversal in dgard8.lab6
High
CVE-2017-16218
was published
for
dgard8.lab6
(npm)
Jul 23, 2018
Invalid Curve Attack in node-jose
Moderate
CVE-2017-16007
was published
for
node-jose
(npm)
Jul 20, 2018
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
High
CVE-2017-16138
was published
for
mime
(npm)
Jul 20, 2018
Denial of Service vulnerability with large JSON payloads in fastify
High
CVE-2018-3711
was published
for
fastify
(npm)
Jul 18, 2018
Path Traversal in crud-file-server
High
CVE-2018-3733
was published
for
crud-file-server
(npm)
Jul 18, 2018
Cross-site Scripting (XSS) - Stored in crud-file-server
Moderate
CVE-2018-3726
was published
for
crud-file-server
(npm)
Jul 18, 2018
Information Exposure on Case Insensitive File Systems in serve
Moderate
CVE-2018-3809
was published
for
serve
(npm)
Jul 18, 2018
Withdrawn Advisory: mariadb was malware
High
CVE-2017-16046
was published
for
mariadb
(npm)
Jul 18, 2018
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API