Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

975 advisories

Loading
Regular Expression Denial of Service in charset High
CVE-2017-16098 was published for charset (npm) Aug 9, 2018
tdunlap607
Directory Traversal in desafio Moderate
CVE-2017-16164 was published for desafio (npm) Aug 6, 2018
Directory Traversal in jikes Moderate
CVE-2017-16139 was published for jikes (npm) Aug 6, 2018
Directory Traversal in elding Moderate
CVE-2017-16222 was published for elding (npm) Aug 6, 2018
Directory Traversal in ritp High
CVE-2017-16198 was published for ritp (npm) Aug 6, 2018
Downloads Resources over HTTP in react-native-baidu-voice-synthesizer High
CVE-2016-10697 was published for react-native-baidu-voice-synthesizer (npm) Jul 31, 2018
Downloads Resources over HTTP in alto-saxophone High
CVE-2016-10694 was published for alto-saxophone (npm) Jul 31, 2018
Downloads Resources over HTTP in haxeshim High
CVE-2016-10692 was published for haxeshim (npm) Jul 31, 2018
windows-seleniumjar downloads Resources over HTTP High
CVE-2016-10691 was published for windows-seleniumjar (npm) Jul 31, 2018
Remote Code Execution in markdown-pdf Moderate
CVE-2018-3770 was published for markdown-pdf (npm) Jul 27, 2018
Downloads Resources over HTTP in mystem-fix High
CVE-2016-10698 was published for mystem-fix (npm) Jul 27, 2018
Directory Traversal in cyber-js High
CVE-2017-16093 was published for cyber-js (npm) Jul 27, 2018
Prototype Pollution in lodash Moderate
CVE-2018-3721 was published for lodash (npm) Jul 26, 2018
Path Traversal in glance Moderate
CVE-2018-3715 was published for glance (npm) Jul 26, 2018
Regular Expression Denial of Service in tough-cookie High
CVE-2017-15010 was published for tough-cookie (npm) Jul 24, 2018
tdunlap607
Regular Expression Denial of Service in content High
CVE-2017-16111 was published for content (npm) Jul 24, 2018
Remote Code Execution in pg Critical
CVE-2017-16082 was published for pg (npm) Jul 24, 2018
Directory Traversal in node-simple-router High
CVE-2017-16083 was published for node-simple-router (npm) Jul 24, 2018
Directory Traversal in f2e-server High
CVE-2017-16038 was published for f2e-server (npm) Jul 24, 2018
Directory Traversal in hftp High
CVE-2017-16039 was published for hftp (npm) Jul 24, 2018
Directory Traversal in gomeplus-h5-proxy High
CVE-2017-16037 was published for gomeplus-h5-proxy (npm) Jul 24, 2018
Directory Traversal in badjs-sourcemap-server High
CVE-2017-16036 was published for badjs-sourcemap-server (npm) Jul 24, 2018
hubl-server downloads resources over HTTP High
CVE-2017-16035 was published for hubl-server (npm) Jul 24, 2018
Directory Traversal in tinyserver2 High
CVE-2017-16085 was published for tinyserver2 (npm) Jul 24, 2018
Directory Traversal in list-n-stream High
CVE-2017-16084 was published for list-n-stream (npm) Jul 24, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database