Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,507
Maven
5,000+
npm
4,149
NuGet
736
pip
3,949
Pub
12
RubyGems
946
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,610 advisories

Loading
Improper Key Verification in ipns High
GHSA-j59f-6m4q-62h6 was published for ipns (npm) May 30, 2019
mprpic
Arbitrary File Overwrite in fstream High
CVE-2019-13173 was published for fstream (npm) May 30, 2019
Directory Traversal in ltt.js High
GHSA-6qh5-wx38-q92g was published for ltt.js (npm) May 30, 2019
Server-Side Request Forgery in terriajs-server High
GHSA-p72p-rjr2-r439 was published for terriajs-server (npm) May 29, 2019
Command Injection in fs-git High
CVE-2017-16087 was published for fs-git (npm) May 29, 2019
Denial of Service in axios High
CVE-2019-10742 was published for axios (npm) May 29, 2019
tdunlap607
Improper Input Validation and Buffer Over-read in mqtt-packet High
CVE-2019-5432 was published for mqtt-packet (npm) May 14, 2019
Arbitrary File Overwrite in tar High
CVE-2018-20834 was published for tar (npm) May 1, 2019
Improper Input Validation in tar-fs High
CVE-2018-20835 was published for tar-fs (npm) May 1, 2019
SQL Injection in sequelize High
CVE-2019-11069 was published for sequelize (npm) Apr 11, 2019
tdunlap607
Path Traversal in http-live-simulator High
CVE-2019-5423 was published for http-live-simulator (npm) Apr 8, 2019
Cross-Site Scripting in buttle High
CVE-2019-5422 was published for buttle (npm) Apr 8, 2019
Directory Traversal in serve High
CVE-2019-5417 was published for serve (npm) Mar 25, 2019
Path Traversal in serve High
CVE-2019-5415 was published for serve (npm) Mar 25, 2019
shivakumar-loginsoft
Command Injection in kill-port High
CVE-2019-5414 was published for kill-port (npm) Mar 25, 2019
Path Traversal in localhost-now High
CVE-2019-5416 was published for localhost-now (npm) Mar 25, 2019
Regular Expression Denial of Service in highcharts High
CVE-2018-20801 was published for highcharts (npm) Mar 18, 2019
Path Traversal in total.js High
CVE-2019-8903 was published for total.js (npm) Feb 20, 2019
DoS due to excessively large websocket message in ws High
CVE-2016-10542 was published for ws (npm) Feb 18, 2019
chromedriver Downloads Resources over HTTP High
CVE-2016-10579 was published for chromedriver (npm) Feb 18, 2019
closure-util downloads Resources over HTTP High
CVE-2016-10583 was published for closure-util (npm) Feb 18, 2019
Downloads Resources over HTTP in broccoli-closure High
CVE-2016-10635 was published for broccoli-closure (npm) Feb 18, 2019
dwebp-bin downloads Resources over HTTP High
CVE-2016-10633 was published for dwebp-bin (npm) Feb 18, 2019
Downloads Resources over HTTP in jvminstall High
CVE-2016-10631 was published for jvminstall (npm) Feb 18, 2019
nw-with-arm downloads Resources over HTTP High
CVE-2016-10629 was published for nw-with-arm (npm) Feb 18, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database