Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,596 advisories

Loading
Downloads Resources over HTTP in prince High
CVE-2016-10591 was published for prince (npm) Feb 18, 2019
selenium-binaries downloads resources over HTTP High
CVE-2016-10589 was published for selenium-binaries (npm) Feb 18, 2019
Downloads Resources over HTTP in wasdk High
CVE-2016-10587 was published for wasdk (npm) Feb 18, 2019
Downloads Resources over HTTP in libxl High
CVE-2016-10585 was published for libxl (npm) Feb 18, 2019
steroids downloads resources over HTTP High
CVE-2016-10581 was published for steroids (npm) Feb 18, 2019
Downloads Resources over HTTP in kindlegen High
CVE-2016-10575 was published for kindlegen (npm) Feb 18, 2019
Downloads Resources over HTTP in baryton-saxophone High
CVE-2016-10573 was published for baryton-saxophone (npm) Feb 18, 2019
Downloads Resources over HTTP in embedza High
CVE-2016-10569 was published for embedza (npm) Feb 18, 2019
Downloads Resources over HTTP in product-monitor High
CVE-2016-10567 was published for product-monitor (npm) Feb 18, 2019
Downloads Resources over HTTP in operadriver High
CVE-2016-10565 was published for operadriver (npm) Feb 18, 2019
Denial of Service in mqtt-packet High
CVE-2016-10523 was published for mqtt-packet (npm) Feb 18, 2019
Regular Expression Denial of Service in jshamcrest High
CVE-2016-10521 was published for jshamcrest (npm) Feb 18, 2019
Denial of Service and Content Injection in i18n-node-angular High
CVE-2016-10524 was published for i18n-node-angular (npm) Feb 18, 2019
Regular Expression Denial of Service in riot-compiler High
CVE-2016-10527 was published for riot-compiler (npm) Feb 18, 2019
No CSRF Validation in droppy High
CVE-2016-10529 was published for droppy (npm) Feb 18, 2019
Timing Attack in csrf-lite High
CVE-2016-10535 was published for csrf-lite (npm) Feb 18, 2019
Sails before 0.12.7 vulnerable to Broken CORS High
CVE-2016-10549 was published for sails (npm) Feb 18, 2019
appium-chromedriver downloads Resources over HTTP High
CVE-2016-10557 was published for appium-chromedriver (npm) Feb 18, 2019
Downloads Resources over HTTP in selenium-download High
CVE-2016-10559 was published for selenium-download (npm) Feb 18, 2019
openframe-ascii-image downloads Resources over HTTP High
CVE-2016-10690 was published for openframe-ascii-image (npm) Feb 18, 2019
Downloads Resources over HTTP in windows-iedriver High
CVE-2016-10689 was published for windows-iedriver (npm) Feb 18, 2019
Downloads Resources over HTTP in pk-app-wonderbox High
CVE-2016-10685 was published for pk-app-wonderbox (npm) Feb 18, 2019
Downloads Resources over HTTP in healthcenter High
CVE-2016-10684 was published for healthcenter (npm) Feb 18, 2019
Downloads Resources over HTTP in serc.js High
CVE-2016-10678 was published for serc.js (npm) Feb 18, 2019
Downloads Resources over HTTP in google-closure-tools-latest High
CVE-2016-10677 was published for google-closure-tools-latest (npm) Feb 18, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database