Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,859 advisories

Loading
Malicious Package in angular-bmap Critical
GHSA-w8hg-mxvh-9h57 was published for angular-bmap (npm) Sep 1, 2020
Malicious Package in freshdom Critical
GHSA-8qm2-24qc-c4qg was published for freshdom (npm) Sep 1, 2020
Malicious Package in ladder-text-js Critical
GHSA-33gc-f8v9-v8hm was published for ladder-text-js (npm) Sep 1, 2020
Improper Authorization in react-oauth-flow Critical
GHSA-65m9-m259-7jqw was published for react-oauth-flow (npm) Sep 3, 2020
Malicious Package in m-backdoor Critical
GHSA-vv52-3mrp-455m was published for m-backdoor (npm) Sep 3, 2020
Malicious Package in soket.io Critical
GHSA-wp2p-q35g-3rjj was published for soket.io (npm) Sep 1, 2020
Malicious Package in portionfatty12 Critical
GHSA-p8fm-w787-x6x3 was published for portionfatty12 (npm) Sep 2, 2020
Malicious Package in foever Critical
GHSA-j3qq-qvc8-c6g7 was published for foever (npm) Sep 1, 2020
Malicious Package in eslint-config-airbnb-standard Critical
GHSA-m852-866j-69j8 was published for eslint-config-airbnb-standard (npm) Sep 1, 2020
Malicious Package in flatmap-stream Critical
GHSA-9x64-5r7x-2q53 was published for flatmap-stream (npm) Sep 1, 2020
Malicious code in `electorn` Critical
GHSA-38hx-3542-8fh3 was published for electorn (npm) Oct 1, 2020
Malicious Package in reques Critical
GHSA-g8jc-mm3c-cwhj was published for reques (npm) Sep 2, 2020
Malicious Package in whiteproject Critical
GHSA-8j7x-pr59-m5h8 was published for whiteproject (npm) Sep 2, 2020
Malicious Package in blubird Critical
GHSA-rvww-x6m4-4vc2 was published for blubird (npm) Sep 11, 2020
Malicious Package in equest Critical
GHSA-mvch-rh6h-2m47 was published for equest (npm) Sep 11, 2020
Malicious Package in reqest Critical
GHSA-hg5q-rj62-c43g was published for reqest (npm) Sep 2, 2020
Malicious Package in 4equest Critical
GHSA-p33q-w45h-2hcj was published for 4equest (npm) Sep 2, 2020
Malicious Package in requesst Critical
GHSA-6c37-2rw5-9j7x was published for requesst (npm) Sep 2, 2020
Malicious Package in carloprojectdiscord Critical
GHSA-9rwj-8mh9-4876 was published for carloprojectdiscord (npm) Sep 2, 2020
Exposure of Sensitive information in authentikat-jwt Critical
CVE-2017-18239 was published for com.jason-goodwin:authentikat-jwt_2.12 (Maven) Nov 9, 2018
Command Injection in node-wifi Critical
GHSA-4x6x-782q-jfc4 was published for node-wifi (npm) Sep 3, 2020
Malicious Package in grunt-radical Critical
GHSA-4627-w373-375v was published for grunt-radical (npm) Sep 11, 2020
Malicious Package in electron-native-notify Critical
GHSA-j8qr-rvcv-crhv was published for electron-native-notify (npm) Sep 11, 2020
Malicious Package in vue-backbone Critical
GHSA-5635-9mvj-r6hp was published for vue-backbone (npm) Sep 3, 2020
Malicious Package in react-datepicker-plus Critical
GHSA-4wcx-c9c4-89p2 was published for react-datepicker-plus (npm) Sep 11, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database