GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,026
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,157
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,411 advisories
Filter by severity
Directory Traversal in utahcityfinder
High
CVE-2017-16173
was published
for
utahcityfinder
(npm)
Jul 23, 2018
Directory Traversal in whispercast
High
CVE-2017-16174
was published
for
whispercast
(npm)
Jul 23, 2018
Directory Traversal in ewgaddis.lab6
High
CVE-2017-16175
was published
for
ewgaddis.lab6
(npm)
Jul 23, 2018
Directory Traversal in intsol-package
High
CVE-2017-16178
was published
for
intsol-package
(npm)
Jul 23, 2018
Directory Traversal in open-device
High
CVE-2017-16187
was published
for
open-device
(npm)
Jul 23, 2018
Directory Traversal in getcityapi.yoehoehne
High
CVE-2017-16192
was published
for
getcityapi.yoehoehne
(npm)
Jul 23, 2018
Directory Traversal in quickserver
High
CVE-2017-16196
was published
for
quickserver
(npm)
Jul 23, 2018
Directory Traversal in jn_jj_server
High
CVE-2017-16210
was published
for
jn_jj_server
(npm)
Jul 23, 2018
Directory Traversal in fbr-client
High
CVE-2017-16217
was published
for
fbr-client
(npm)
Jul 23, 2018
Directory Traversal in dgard8.lab6
High
CVE-2017-16218
was published
for
dgard8.lab6
(npm)
Jul 23, 2018
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
High
CVE-2017-16138
was published
for
mime
(npm)
Jul 20, 2018
Denial of Service vulnerability with large JSON payloads in fastify
High
CVE-2018-3711
was published
for
fastify
(npm)
Jul 18, 2018
Path Traversal in crud-file-server
High
CVE-2018-3733
was published
for
crud-file-server
(npm)
Jul 18, 2018
Withdrawn Advisory: mariadb was malware
High
CVE-2017-16046
was published
for
mariadb
(npm)
Jul 18, 2018
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API