GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
844
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy
Critical
CVE-2024-48914
was published
for
@vendure/asset-server-plugin
(npm)
Oct 15, 2024
Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
Critical
CVE-2024-47169
was published
for
agnai
(npm)
Sep 26, 2024
Jan path traversal vulnerability
Critical
CVE-2024-37273
was published
for
@janhq/core
(npm)
Jun 4, 2024
Stimulsoft Dashboard.JS directory traversal vulnerability
Critical
CVE-2024-24398
was published
for
stimulsoft-dashboards-js
(npm)
Feb 6, 2024
Path traversal and code execution via prototype vulnerability
Critical
CVE-2023-26045
was published
for
nodebb
(npm)
Jul 25, 2023
Path traversal in rollup-plugin-serve
Critical
CVE-2020-7684
was published
for
rollup-plugin-serve
(npm)
May 18, 2021
Arbitrary File Write in iobroker.admin
Critical
CVE-2019-10765
was published
for
iobroker.admin
(npm)
Sep 4, 2020
Path Traversal in @wturyn/swagger-injector
Critical
GHSA-4x7w-frcq-v4m3
was published
for
@wturyn/swagger-injector
(npm)
Sep 3, 2020
Path Traversal in swagger-injector
Critical
GHSA-v4x8-gw49-7hv4
was published
for
swagger-injector
(npm)
Sep 3, 2020
ProTip!
Advisories are also available from the
GraphQL API