GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
395 advisories
Filter by severity
Directory Traversal in jansenstuffpleasework
High
CVE-2017-16176
was published
for
jansenstuffpleasework
(npm)
Sep 1, 2020
Directory Traversal in section2.madisonjbrooks12
High
CVE-2017-16172
was published
for
section2.madisonjbrooks12
(npm)
Sep 1, 2020
Directory Traversal in shit-server
High
CVE-2017-16147
was published
for
shit-server
(npm)
Sep 1, 2020
sauce-connect downloads Resources over HTTP
High
CVE-2016-10599
was published
for
sauce-connect
(npm)
Feb 18, 2019
windows-seleniumjar downloads Resources over HTTP
High
CVE-2016-10691
was published
for
windows-seleniumjar
(npm)
Jul 31, 2018
Calipso Arbitrary File Write via Archive Extraction (Zip Slip)
High
CVE-2021-23391
was published
for
calipso
(npm)
Jun 8, 2021
dwebp-bin downloads Resources over HTTP
High
CVE-2016-10633
was published
for
dwebp-bin
(npm)
Feb 18, 2019
clang-extra downloads Resources over HTTP
High
CVE-2016-10655
was published
for
clang-extra
(npm)
Feb 18, 2019
dalek-browser-ie downloads Resources over HTTP
High
CVE-2016-10605
was published
for
dalek-browser-ie
(npm)
Feb 18, 2019
Directory Traversal in calmquist.static-server
High
CVE-2017-16165
was published
for
calmquist.static-server
(npm)
Jul 23, 2018
install-nw downloads Resources over HTTP
High
CVE-2016-10566
was published
for
install-nw
(npm)
Feb 18, 2019
Directory Traversal in http_static_simple
High
CVE-2017-16134
was published
for
http_static_simple
(npm)
Jul 23, 2018
chromedriver126 downloads Resources over HTTP
High
CVE-2016-10609
was published
for
chromedriver126
(npm)
Feb 18, 2019
Directory Traversal in commentapp.stetsonwood
High
CVE-2017-16143
was published
for
commentapp.stetsonwood
(npm)
Jul 23, 2018
marionette-socket-host downloads Resources over HTTP
High
CVE-2016-10648
was published
for
marionette-socket-host
(npm)
Aug 15, 2018
Directory Traversal in gaoxiaotingtingting
High
CVE-2017-16108
was published
for
gaoxiaotingtingting
(npm)
Sep 1, 2020
Directory Traversal in fsk-server
High
CVE-2017-16090
was published
for
fsk-server
(npm)
Sep 1, 2020
nodeschnaps downloads resources over HTTP
High
CVE-2016-10622
was published
for
nodeschnaps
(npm)
Feb 18, 2019
ProTip!
Advisories are also available from the
GraphQL API