GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
62 advisories
Filter by severity
mapshaper Path Traversal vulnerability
Moderate
CVE-2024-1163
was published
for
mapshaper
(npm)
Feb 13, 2024
Langchain Path Traversal vulnerability
Moderate
CVE-2024-7774
was published
for
langchain
(npm)
Oct 29, 2024
@saltcorn/server arbitrary file zip read and download when downloading auto backups
Moderate
GHSA-277h-px4m-62q8
was published
for
@saltcorn/server
(npm)
Oct 3, 2024
@jmondi/url-to-png contains a Path Traversal vulnerability
Moderate
CVE-2024-39918
was published
for
@jmondi/url-to-png
(npm)
Jul 15, 2024
Arbitrary file read via Playwright's screenshot feature exploiting file wrapper
Moderate
CVE-2024-37169
was published
for
@jmondi/url-to-png
(npm)
Jun 5, 2024
Oceanic allows unsanitized user input to lead to path traversal in URLs
Moderate
CVE-2024-34712
was published
for
oceanic.js
(npm)
May 14, 2024
Uptime Kuma's authenticated path traversal via plugin repository name may lead to unavailability or data loss
Moderate
CVE-2023-36822
was published
for
uptime-kuma
(npm)
May 1, 2024
Hono vulnerable to Restricted Directory Traversal in serveStatic with deno
Moderate
CVE-2024-32869
was published
for
hono
(npm)
Apr 23, 2024
@hono/node-server cannot handle "double dots" in URL
Moderate
CVE-2024-23340
was published
for
@hono/node-server
(npm)
Jan 23, 2024
Directory Traversal in evershop
Moderate
CVE-2023-46497
was published
for
@evershop/evershop
(npm)
Dec 8, 2023
Directory Traversal in evershop
Moderate
CVE-2023-46493
was published
for
@evershop/evershop
(npm)
Dec 8, 2023
Directory Traversal in Gladys Assistant
Moderate
CVE-2023-47440
was published
for
gladys
(npm)
Dec 7, 2023
n8n Directory Traversal vulnerability
Moderate
CVE-2023-27562
was published
for
n8n
(npm)
May 10, 2023
Gatsby develop server has Local File Inclusion vulnerability
Moderate
CVE-2023-34238
was published
for
gatsby
(npm)
Jun 9, 2023
Ghost vulnerable to arbitrary file read via symlinks in content import
Moderate
CVE-2023-40028
was published
for
ghost
(npm)
Aug 15, 2023
Cloudflare Wrangler directory traversal vulnerability
Moderate
CVE-2023-3348
was published
for
wrangler
(npm)
Aug 3, 2023
@simonsmith/cypress-image-snapshothas fix for insecure snapshot file names
Moderate
CVE-2023-38695
was published
for
@simonsmith/cypress-image-snapshot
(npm)
Aug 1, 2023
Path traversal vulnerability in gatsby-plugin-sharp
Moderate
CVE-2023-30548
was published
for
gatsby-plugin-sharp
(npm)
Apr 20, 2023
Arbitrary File Write via Archive Extraction in unzipper
Moderate
CVE-2018-1002203
was published
for
unzipper
(npm)
Jul 27, 2018
Path Traversal in simplehttpserver
Moderate
CVE-2018-16478
was published
for
simplehttpserver
(npm)
Dec 6, 2018
m-server Vulnerable to Directory Traversal
Moderate
CVE-2018-16485
was published
for
m-server
(npm)
Feb 18, 2019
Arbitrary File Write in adm-zip
Moderate
CVE-2018-1002204
was published
for
adm-zip
(npm)
Jul 27, 2018
Path Traversal in statichttpserver
Moderate
CVE-2019-5480
was published
for
statichttpserver
(npm)
Sep 4, 2019
Directory Traversal in easyquick
Moderate
CVE-2017-16109
was published
for
easyquick
(npm)
Aug 29, 2018
ProTip!
Advisories are also available from the
GraphQL API