Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,781
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+

314 advisories

Loading
Path Traversal in marscode High
CVE-2020-7681 was published for marscode (npm) May 7, 2021
Path traversal in servey High
CVE-2020-8214 was published for servey (npm) May 7, 2021
Path Traversal in node-red-contrib-huemagic High
CVE-2021-25864 was published for node-red-contrib-huemagic (npm) Apr 13, 2021
Path Traversal in jsreport-chrome-pdf Moderate
CVE-2020-7762 was published for jsreport-chrome-pdf (npm) Apr 13, 2021
Path traversal in Node-Red Low
CVE-2021-21298 was published for @node-red/runtime (npm) Feb 26, 2021
File System Bounds Escape Moderate
CVE-2020-26299 was published for ftp-srv (npm) Feb 10, 2021
n-timofeev
Path traversal in Node-RED-Dashboard High
CVE-2021-3223 was published for node-red-dashboard (npm) Jan 29, 2021
Arbitrary File Read in phantom-html-to-pdf High
CVE-2020-7763 was published for phantom-html-to-pdf (npm) Nov 6, 2020
Path Traversal in serve High
GHSA-48gc-5j93-5cfq was published for serve (npm) Sep 11, 2020
Arbitrary File Write in iobroker.admin Critical
CVE-2019-10765 was published for iobroker.admin (npm) Sep 4, 2020
Path Traversal in decompress Critical
CVE-2020-12265 was published for decompress (npm) Sep 3, 2020
tdunlap607
Path Traversal in @wturyn/swagger-injector Critical
GHSA-4x7w-frcq-v4m3 was published for @wturyn/swagger-injector (npm) Sep 3, 2020
Path Traversal in swagger-injector Critical
GHSA-v4x8-gw49-7hv4 was published for swagger-injector (npm) Sep 3, 2020
Path Traversal in public Moderate
GHSA-4vvp-x9h2-x2vf was published for public (npm) Sep 3, 2020
Path Traversal in f-serv Critical
GHSA-vx5w-cxch-wwc9 was published for f-serv (npm) Sep 3, 2020
Path Traversal in restify-swagger-jsdoc High
GHSA-gvff-25cc-4f66 was published for restify-swagger-jsdoc (npm) Sep 3, 2020
Path Traversal in zero High
GHSA-crf7-fvjx-863q was published for zero (npm) Sep 3, 2020
Path Traversal in file-static-server High
GHSA-qjfh-xc44-rm9x was published for file-static-server (npm) Sep 3, 2020
Path Traversal in ponse High
GHSA-wfhx-6pcm-7m55 was published for ponse (npm) Sep 3, 2020
Path Traversal in bruteser High
GHSA-v7cp-5326-54fh was published for bruteser (npm) Sep 3, 2020
Path Traversal in sapper Critical
GHSA-f3vw-587g-r29g was published for sapper (npm) Sep 3, 2020
Path Traversal in express-cart High
GHSA-8h8v-6qqm-fwpq was published for express-cart (npm) Sep 1, 2020
Path Traversal in 626 High
CVE-2018-3727 was published for 626 (npm) Sep 1, 2020
Directory Traversal in @vivaxy/here High
GHSA-m4vv-p6fq-jhqp was published for @vivaxy/here (npm) Sep 1, 2020
Directory Traversal in featurebook Moderate
GHSA-7x92-2j68-h32c was published for featurebook (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database