Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,014 advisories

Loading
Malicious Package in rimrafall Critical
GHSA-8hq2-fcqm-39hq was published for rimrafall (npm) Sep 2, 2020
Malicious Package in kraken-api Critical
GHSA-fgfj-rj24-mj7q was published for kraken-api (npm) Sep 2, 2020
Malicious Package in font-scrubber Critical
GHSA-65j7-66p7-9xgf was published for font-scrubber (npm) Sep 2, 2020
Malicious Package in ngx-pica Critical
GHSA-76wf-2xcf-6wmx was published for ngx-pica (npm) Sep 3, 2020
Malicious Package in pm-controls Critical
GHSA-84qj-9qf2-q92r was published for pm-controls (npm) Sep 3, 2020
Malicious Package in jekyll-for-github-projects Critical
GHSA-j5qg-46p9-w2rp was published for jekyll-for-github-projects (npm) Sep 3, 2020
Malicious Package in leaflet-gpx Critical
GHSA-gjc9-932x-c59p was published for leaflet-gpx (npm) Sep 3, 2020
Malicious Package in libubx Critical
GHSA-m7xv-7p93-g6q8 was published for libubx (npm) Sep 3, 2020
Malicious Package in radicjs Critical
GHSA-56r9-v65c-34jm was published for radicjs (npm) Sep 3, 2020
Malicious Package in vue-backbone Critical
GHSA-5635-9mvj-r6hp was published for vue-backbone (npm) Sep 3, 2020
Malicious Package in mx-nested-menu Critical
GHSA-48hw-37g6-3gw4 was published for mx-nested-menu (npm) Sep 3, 2020
Malicious Package in maleficent Critical
GHSA-cr5w-6rv4-r2qg was published for maleficent (npm) Sep 3, 2020
Command Injection in node-wifi Critical
GHSA-4x6x-782q-jfc4 was published for node-wifi (npm) Sep 3, 2020
Improper Authorization in react-oauth-flow Critical
GHSA-65m9-m259-7jqw was published for react-oauth-flow (npm) Sep 3, 2020
Command Injection in priest-runner Critical
GHSA-9px9-f7jw-fwhj was published for priest-runner (npm) Sep 3, 2020
Path Traversal in sapper Critical
GHSA-f3vw-587g-r29g was published for sapper (npm) Sep 3, 2020
Malicious Package in m-backdoor Critical
GHSA-vv52-3mrp-455m was published for m-backdoor (npm) Sep 3, 2020
Malicious Package in smartsearchwp Critical
GHSA-fgp6-8g62-qx6w was published for smartsearchwp (npm) Sep 3, 2020
Malicious Package in web3-eht Critical
GHSA-29fh-xcjr-p7rx was published for web3-eht (npm) Sep 3, 2020
Malicious Package in wbe3 Critical
GHSA-hg7w-2pf7-mxm2 was published for wbe3 (npm) Sep 3, 2020
Malicious Package in we3b Critical
GHSA-36r8-9qq7-mh43 was published for we3b (npm) Sep 3, 2020
Malicious Package in wallet-address-vaildator Critical
GHSA-m6q2-9pfm-2wvr was published for wallet-address-vaildator (npm) Sep 3, 2020
Arbitrary Code Execution in require-node Critical
GHSA-8j6j-4h2c-c65p was published for require-node (npm) Sep 3, 2020
Malicious Package in wallet-address-validtaor Critical
GHSA-pc7q-c837-3wjq was published for wallet-address-validtaor (npm) Sep 3, 2020
Malicious Package in singale Critical
GHSA-crfh-jmv2-2f9v was published for singale (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database