GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
6,565 advisories
Filter by severity
Directory Traversal in censorify.tanisjr
High
CVE-2017-16157
was published
for
censorify.tanisjr
(npm)
Jul 23, 2018
Directory Traversal in calmquist.static-server
High
CVE-2017-16165
was published
for
calmquist.static-server
(npm)
Jul 23, 2018
Directory Traversal in byucslabsix
High
CVE-2017-16166
was published
for
byucslabsix
(npm)
Jul 23, 2018
Directory Traversal in utahcityfinder
High
CVE-2017-16173
was published
for
utahcityfinder
(npm)
Jul 23, 2018
Directory Traversal in whispercast
High
CVE-2017-16174
was published
for
whispercast
(npm)
Jul 23, 2018
Directory Traversal in ewgaddis.lab6
High
CVE-2017-16175
was published
for
ewgaddis.lab6
(npm)
Jul 23, 2018
Directory Traversal in intsol-package
High
CVE-2017-16178
was published
for
intsol-package
(npm)
Jul 23, 2018
Directory Traversal in open-device
High
CVE-2017-16187
was published
for
open-device
(npm)
Jul 23, 2018
Directory Traversal in getcityapi.yoehoehne
High
CVE-2017-16192
was published
for
getcityapi.yoehoehne
(npm)
Jul 23, 2018
Directory Traversal in quickserver
High
CVE-2017-16196
was published
for
quickserver
(npm)
Jul 23, 2018
Directory Traversal in jn_jj_server
High
CVE-2017-16210
was published
for
jn_jj_server
(npm)
Jul 23, 2018
Directory Traversal in fbr-client
High
CVE-2017-16217
was published
for
fbr-client
(npm)
Jul 23, 2018
Directory Traversal in dgard8.lab6
High
CVE-2017-16218
was published
for
dgard8.lab6
(npm)
Jul 23, 2018
High severity vulnerability that affects Plone and Zope2
High
CVE-2011-2528
was published
for
Plone
(pip)
Jul 23, 2018
Django-piston and Django-tastypie do not properly deserialize YAML data
High
CVE-2011-4103
was published
for
django-piston
(pip)
Jul 23, 2018
ProTip!
Advisories are also available from the
GraphQL API