GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
ghtml Cross-Site Scripting (XSS) vulnerability
High
CVE-2024-37166
was published
for
ghtml
(npm)
Jun 10, 2024
pullit vulnerable to command injection
High
CVE-2018-25083
was published
for
pullit
(npm)
Sep 3, 2020
Denial of Service vulnerability in lite-web-server
High
CVE-2023-26104
was published
for
lite-web-server
(npm)
Feb 25, 2023
Path traversal vulnerability in glance
Moderate
CVE-2022-25937
was published
for
glance
(npm)
Feb 13, 2023
OS Command Injection in git-promise
High
CVE-2022-24376
was published
for
git-promise
(npm)
Jun 11, 2022
Command injection in git-interface
Critical
CVE-2022-1440
was published
for
git-interface
(npm)
Apr 23, 2022
Directory Traversal vulnerability in serve-lite
High
CVE-2022-21192
was published
for
serve-lite
(npm)
Jan 26, 2023
Cross-site Scripting (XSS) in serve-lite
Moderate
CVE-2022-25847
was published
for
serve-lite
(npm)
Jan 26, 2023
lite-server vulnerable to Denial of Service
High
CVE-2022-25940
was published
for
lite-server
(Maven)
Dec 20, 2022
lite-dev-server vulnerable to Directory Traversal
High
CVE-2022-25895
was published
for
lite-dev-server
(npm)
Dec 21, 2022
easy-static-server vulnerable to Directory Traversal
High
CVE-2022-25931
was published
for
easy-static-server
(npm)
Dec 20, 2022
static-dev-server vulnerable to path traversal
High
CVE-2022-25848
was published
for
static-dev-server
(npm)
Nov 29, 2022
OS Command Injection in git-pull-or-clone
Critical
CVE-2022-24437
was published
for
git-pull-or-clone
(npm)
May 3, 2022
ProTip!
Advisories are also available from the
GraphQL API