Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,015 advisories

Loading
Malicious Package in cionstring Critical
GHSA-xh8g-j88w-6v59 was published for cionstring (npm) Sep 3, 2020
Malicious Package in dhkey Critical
GHSA-qxrj-x7rm-2h49 was published for dhkey (npm) Sep 3, 2020
Malicious Package in impala Critical
GHSA-92px-q4w8-hrr5 was published for impala (npm) Sep 1, 2020
Malicious Package in getcookies Critical
GHSA-3cjv-4phw-gvvv was published for getcookies (npm) Sep 1, 2020
Malicious Package in codify Critical
GHSA-2q6w-rxf3-4wc9 was published for codify (npm) Sep 1, 2020
Malicious Package in nothing-js Critical
GHSA-353r-3v84-9pjj was published for nothing-js (npm) Sep 1, 2020
Malicious Package in hdeky Critical
GHSA-255r-pghp-r5wh was published for hdeky (npm) Sep 3, 2020
Malicious Package in scryptys Critical
GHSA-vrxj-4qhw-5vwq was published for scryptys (npm) Sep 3, 2020
Malicious Package in we3b Critical
GHSA-36r8-9qq7-mh43 was published for we3b (npm) Sep 3, 2020
Malicious Package in wbe3 Critical
GHSA-hg7w-2pf7-mxm2 was published for wbe3 (npm) Sep 3, 2020
Malicious Package in commanedr Critical
GHSA-xcgx-27q5-7634 was published for commanedr (npm) Sep 3, 2020
Malicious Package in coinpayment Critical
GHSA-3h99-v4qw-p2h5 was published for coinpayment (npm) Sep 3, 2020
Malicious Package in cxt Critical
GHSA-fpgg-r39h-3x5x was published for cxt (npm) Sep 3, 2020
Insecure Cryptography Algorithm in parsel Critical
GHSA-wqgx-4q47-j2w5 was published for parsel (npm) Sep 4, 2020
Insufficient Entropy in parsel Critical
GHSA-vjvw-wcmw-pr26 was published for parsel (npm) Sep 4, 2020
Command Injection in pdf-image Critical
CVE-2018-3757 was published for pdf-image (npm) Sep 1, 2020
Malicious Package in boogeyman Critical
GHSA-9hc2-w9gg-q6jw was published for boogeyman (npm) Sep 1, 2020
Malicious Package in regenraotr Critical
GHSA-5x7p-gm79-383m was published for regenraotr (npm) Sep 1, 2020
Command Injection in meta-git Critical
GHSA-qcff-ffx3-m25c was published for meta-git (npm) Sep 4, 2020
Command Injection in traceroute Critical
GHSA-rjvj-673q-4hfw was published for traceroute (npm) Sep 4, 2020
Malicious Package in chak Critical
GHSA-9q9m-m2f6-jr5q was published for chak (npm) Sep 2, 2020
Malicious Package in aasync Critical
GHSA-9mjp-gv34-3jcf was published for aasync (npm) Sep 2, 2020
Malicious Package in requeest Critical
GHSA-8vj3-jgcf-77jv was published for requeest (npm) Sep 2, 2020
Malicious Package in requet Critical
GHSA-h44f-769q-j6px was published for requet (npm) Sep 2, 2020
Malicious Package in bowee Critical
GHSA-wgvj-6v57-wjh3 was published for bowee (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database