Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,382 advisories

Loading
Regular Expression Denial of Service in no-case High
CVE-2017-16099 was published for no-case (npm) Jul 24, 2018
ReDoS via long UserAgent header in ua-parser High
CVE-2017-16086 was published for ua-parser (npm) Jul 24, 2018
Directory Traversal in node-simple-router High
CVE-2017-16083 was published for node-simple-router (npm) Jul 24, 2018
Directory Traversal in f2e-server High
CVE-2017-16038 was published for f2e-server (npm) Jul 24, 2018
ikst Downloads Resources over HTTP High
CVE-2017-16041 was published for ikst (npm) Jul 24, 2018
Directory Traversal in hftp High
CVE-2017-16039 was published for hftp (npm) Jul 24, 2018
Directory Traversal in gomeplus-h5-proxy High
CVE-2017-16037 was published for gomeplus-h5-proxy (npm) Jul 24, 2018
Directory Traversal in badjs-sourcemap-server High
CVE-2017-16036 was published for badjs-sourcemap-server (npm) Jul 24, 2018
hubl-server downloads resources over HTTP High
CVE-2017-16035 was published for hubl-server (npm) Jul 24, 2018
Directory Traversal in tinyserver2 High
CVE-2017-16085 was published for tinyserver2 (npm) Jul 24, 2018
Directory Traversal in list-n-stream High
CVE-2017-16084 was published for list-n-stream (npm) Jul 24, 2018
Directory Traversal in iter-http High
CVE-2017-16094 was published for iter-http (npm) Jul 24, 2018
Directory Traversal in sencisho High
CVE-2017-16092 was published for sencisho (npm) Jul 24, 2018
Directory traversal in pooledwebsocket High
CVE-2017-16107 was published for pooledwebsocket (npm) Jul 24, 2018
Directory Traversal in citypredict.whauwiller High
CVE-2017-16104 was published for citypredict.whauwiller (npm) Jul 24, 2018
Directory Traversal in tmock High
CVE-2017-16106 was published for tmock (npm) Jul 23, 2018
Directory Traversal in node-server-forfront High
CVE-2017-16124 was published for node-server-forfront (npm) Jul 23, 2018
Directory Traversal in datachannel-client High
CVE-2017-16121 was published for datachannel-client (npm) Jul 23, 2018
Directory Traversal in rtcmulticonnection-client High
CVE-2017-16125 was published for rtcmulticonnection-client (npm) Jul 23, 2018
Directory Traversal in http_static_simple High
CVE-2017-16134 was published for http_static_simple (npm) Jul 23, 2018
Directory Traversal in exxxxxxxxxxx High
CVE-2017-16130 was published for exxxxxxxxxxx (npm) Jul 23, 2018
d3.js is malware High
CVE-2017-16044 was published for d3.js (npm) Jul 23, 2018
node-sqlite is malware High
CVE-2017-16048 was published for node-sqlite (npm) Jul 23, 2018
jquery.js is malware High
CVE-2017-16045 was published for jquery.js (npm) Jul 23, 2018
7h3Rabbit
nodesqlite is malware High
CVE-2017-16049 was published for nodesqlite (npm) Jul 23, 2018
ProTip! Advisories are also available from the GraphQL API