GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,296 advisories
Spoofing attack due to unvalidated KDC in node-krb5 (Moderate): CVE-2016-1000238 was published for node-krb5 (npm) on Sep 1, 2020
Downloads Resources over HTTP in adamvr-geoip-lite (Moderate): CVE-2016-10680 was published for adamvr-geoip-lite (npm) on Sep 1, 2020
XSS via Angular Expression in ag-grid (Moderate): CVE-2017-16009 was published for ag-grid (npm) on Sep 1, 2020
Cross-Site Scripting in jquery (Moderate): CVE-2012-6708 was published for jQuery (RubyGems) on Sep 1, 2020
Directory Traversal in featurebook (Moderate): GHSA-7x92-2j68-h32c was published for featurebook (npm) on Sep 1, 2020
Remote Memory Exposure in mongoose (Moderate): GHSA-r5xw-q988-826m was published for mongoose (npm) on Sep 1, 2020
Remote Memory Exposure in openwhisk (Moderate): GHSA-53mj-mc38-q894 was published for openwhisk (npm) on Sep 1, 2020
Out-of-bounds Read in base64url (Moderate): GHSA-rvg8-pwq2-xj7q was published for base64url (npm) on Sep 1, 2020
Sandbox Breakout / Arbitrary Code Execution in sandbox (Moderate): GHSA-fm4j-4xhm-xpwx was published for sandbox (npm) on Sep 2, 2020
Prototype Pollution in smart-extend (Moderate): GHSA-f8h3-rqrm-47v9 was published for smart-extend (npm) on Sep 2, 2020
Cross-Site Scripting in harp (Moderate): GHSA-cx7r-634m-2q2h was published for harp (npm) on Sep 2, 2020 • withdrawn
Cross-Site Scripting in buttle (Moderate): GHSA-pqpp-2363-649v was published for buttle (npm) on Sep 2, 2020
Unauthorized File Access in glance (Moderate): GHSA-vw7g-jq9m-3q9v was published for glance (npm) on Sep 2, 2020
Cross-Site Scripting in google-closure-library (Moderate): GHSA-r9q4-w3fm-wrm2 was published for google-closure-library (npm) on Sep 2, 2020
Sandbox Breakout / Arbitrary Code Execution in value-censorship (Moderate): GHSA-xrr6-6ww3-f3qm was published for value-censorship (npm) on Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API.