GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,296 advisories
Denial of Service in ipfs-bitswap
Moderate: GHSA-6fcr-9h9g-23fq was published for ipfs-bitswap (npm), Sep 2, 2020

HTML Injection in marky-markdown
Moderate: GHSA-pxmp-fwjc-4x7q was published for marky-markdown (npm), Sep 3, 2020

Buffer Overflow in node-weakauras-parser
Moderate: GHSA-86mr-6m89-vgj3 was published for node-weakauras-parser (npm), Sep 3, 2020

Cross-Site Scripting in @berslucas/liljs
Moderate: GHSA-c53x-wwx2-pg96 was published for @berslucas/liljs (npm), Sep 3, 2020

Open Redirect in apostrophe
Moderate: GHSA-h97g-4mx7-5p2p was published for apostrophe (npm), Sep 3, 2020

Local File Inclusion in domokeeper
Moderate: GHSA-cr67-78jr-j94p was published for domokeeper (npm), Sep 3, 2020

Denial of Service in sequelize
Moderate: GHSA-fw4p-36j9-rrj3 was published for sequelize (npm), Sep 3, 2020

Regular Expression Denial of Service in simple-markdown
Moderate: GHSA-4xf9-pgvv-xx67 was published for simple-markdown (npm), Sep 3, 2020

Unintended Require in larvitbase-www
Moderate: GHSA-88h9-fc6v-jcw7 was published for larvitbase-www (npm), Sep 3, 2020

Cross-Site Scripting in mavon-editor
Moderate: GHSA-jfcc-rm7f-xgf8 was published for mavon-editor (npm), Sep 3, 2020

Configuration Override in helmet-csp
Moderate: GHSA-c3m8-x3cg-qm2c was published for helmet-csp (npm), Sep 3, 2020

Sensitive Data Exposure in ibm_db
Moderate: GHSA-p77h-hv6g-fmfp was published for ibm_db (npm), Sep 3, 2020

Denial of Service in http-live-simulator
Moderate: GHSA-xgp2-cc4r-7vf6 was published for http-live-simulator (npm), Sep 3, 2020

Insecure Cryptography Algorithm in simple-crypto-js
Moderate: GHSA-5v7r-jg9r-vq44 was published for simple-crypto-js (npm), Sep 3, 2020

Authentication Bypass in saml2-js
Moderate: GHSA-mfcp-34xw-p57x was published for saml2-js (npm), Sep 3, 2020

Denial of Service in handlebars
Moderate: GHSA-f52g-6jhx-586p was published for handlebars (npm), Sep 3, 2020

Sandbox Breakout / Prototype Pollution in notevil
Moderate: GHSA-9gxr-rhx6-4jgv was published for notevil (npm), Sep 4, 2020

Outdated Static Dependency in vue-moment
Moderate: GHSA-hrpp-f84w-xhfg was published for vue-moment (npm), Sep 4, 2020

Cross-Site Scripting in @hapi/boom
Moderate: GHSA-2ggq-vfcp-gwhj was published for @hapi/boom (npm), Sep 4, 2020

yargs-parser Vulnerable to Prototype Pollution
Moderate: CVE-2020-7608 was published for yargs-parser (npm), Sep 4, 2020

Lack of URL normalization may lead to authorization bypass when URL access rules are used
Moderate: CVE-2020-24660 was published for lemonldap-ng-handler (npm), Sep 9, 2020
ProTip! Advisories are also available from the GraphQL API.