Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

555 advisories

Loading
Directory Traversal in hostr High
CVE-2017-16029 was published for hostr (npm) Nov 9, 2018
Path Traversal in knightjs High
CVE-2018-16475 was published for knightjs (npm) Nov 6, 2018
Path Traversal in minsoft:ms-mcms High
CVE-2018-18831 was published for net.mingsoft:ms-mcms (Maven) Nov 1, 2018
High severity vulnerability that affects org.dspace:dspace-xmlui High
CVE-2016-10726 was published for org.dspace:dspace-xmlui (Maven) Oct 19, 2018
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core High
CVE-2017-3163 was published for org.apache.solr:solr-core (Maven) Oct 18, 2018
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal High
CVE-2018-17297 was published for cn.hutool:hutool-all (Maven) Oct 17, 2018
In blynk-server a Directory Traversal exists High
CVE-2018-17785 was published for com.github.blynkkk:blynk-server (Maven) Oct 17, 2018
High severity vulnerability that affects DotNetZip High
CVE-2018-1002205 was published for DotNetZip (NuGet) Oct 16, 2018
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized High
CVE-2016-9878 was published for org.springframework:spring-webmvc (Maven) Oct 4, 2018
sunSUNQ
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI High
CVE-2016-9177 was published for com.sparkjava:spark-core (Maven) Oct 4, 2018
Path Traversal in buttle High
CVE-2018-3766 was published for buttle (npm) Sep 18, 2018
simplehttpserver allows directory traversal and file listing High
CVE-2018-3787 was published for simplehttpserver (npm) Sep 6, 2018
Directory Traversal in ritp High
CVE-2017-16198 was published for ritp (npm) Aug 6, 2018
Path Traversal in mcstatic High
CVE-2018-3730 was published for mcstatic (npm) Jul 27, 2018
Directory Traversal in cyber-js High
CVE-2017-16093 was published for cyber-js (npm) Jul 27, 2018
Path Traversal in hekto High
CVE-2018-3725 was published for hekto (npm) Jul 26, 2018
Path Traversal in general-file-server High
CVE-2018-3724 was published for general-file-server (npm) Jul 26, 2018
Path Traversal in localhost-now High
CVE-2018-3729 was published for localhost-now (npm) Jul 25, 2018
Directory Traversal in node-simple-router High
CVE-2017-16083 was published for node-simple-router (npm) Jul 24, 2018
Directory Traversal in f2e-server High
CVE-2017-16038 was published for f2e-server (npm) Jul 24, 2018
Directory Traversal in hftp High
CVE-2017-16039 was published for hftp (npm) Jul 24, 2018
Directory Traversal in gomeplus-h5-proxy High
CVE-2017-16037 was published for gomeplus-h5-proxy (npm) Jul 24, 2018
Directory Traversal in badjs-sourcemap-server High
CVE-2017-16036 was published for badjs-sourcemap-server (npm) Jul 24, 2018
Directory Traversal in tinyserver2 High
CVE-2017-16085 was published for tinyserver2 (npm) Jul 24, 2018
Directory Traversal in list-n-stream High
CVE-2017-16084 was published for list-n-stream (npm) Jul 24, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database