Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,123 advisories

Loading
Directory Traversal in easyquick Moderate
CVE-2017-16109 was published for easyquick (npm) Aug 29, 2018
nodeffmpeg is malware High
CVE-2017-16069 was published for nodeffmpeg (npm) Aug 29, 2018
nodecaffe is malware High
CVE-2017-16070 was published for nodecaffe (npm) Aug 29, 2018
nodemailer-js is malware High
CVE-2017-16071 was published for nodemailer-js (npm) Aug 29, 2018
nodemailer.js is malware High
CVE-2017-16072 was published for nodemailer.js (npm) Aug 29, 2018
openssl.js is malware High
CVE-2017-16065 was published for openssl.js (npm) Aug 29, 2018
opencv.js is malware High
CVE-2017-16066 was published for opencv.js (npm) Aug 29, 2018
node-opencv is malware High
CVE-2017-16067 was published for node-opencv (npm) Aug 29, 2018
ffmepg is malware High
CVE-2017-16068 was published for ffmepg (npm) Aug 29, 2018
babelcli is malware High
CVE-2017-16060 was published for babelcli (npm) Aug 29, 2018
Mosca REDoS Vulnerability High
CVE-2018-11615 was published for mosca (npm) Aug 31, 2018
Pandao editor.md vulnerable to XSS in IMG attributes Moderate
CVE-2018-16330 was published for editor.md (npm) Sep 6, 2018
simplehttpserver allows directory traversal and file listing High
CVE-2018-3787 was published for simplehttpserver (npm) Sep 6, 2018
Command Injection in macaddress Critical
CVE-2018-13797 was published for macaddress (npm) Sep 6, 2018
Sensitive Data Exposure in msrcrypto Critical
CVE-2018-8319 was published for msrcrypto (npm) Sep 10, 2018
SQL Injection in query-mysql High
CVE-2018-3754 was published for query-mysql (npm) Sep 10, 2018
Insufficient Entropy in cryptiles Critical
CVE-2018-1000620 was published for cryptiles (npm) Sep 11, 2018
jkmartindale
Cross-Site Scripting in exceljs Moderate
CVE-2018-16459 was published for exceljs (npm) Sep 11, 2018
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14041 was published for bootstrap (RubyGems) Sep 13, 2018
jenhae
Bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-14042 was published for bootstrap (RubyGems) Sep 13, 2018
tdunlap607 1Jesper1
noderequest is malware High
CVE-2017-16073 was published for noderequest (npm) Sep 17, 2018
Command Injection in egg-scripts Critical
CVE-2018-3786 was published for egg-scripts (npm) Sep 17, 2018
tdunlap607
ps Enables OS Command Injection Critical
CVE-2018-16460 was published for ps (npm) Sep 17, 2018
js-bson vulnerable to REDoS High
CVE-2018-13863 was published for bson (npm) Sep 17, 2018
Path Traversal in html-pages Critical
CVE-2018-3744 was published for html-pages (npm) Sep 18, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database