Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,859 advisories

Loading
Malicious Package in dhkey Critical
GHSA-qxrj-x7rm-2h49 was published for dhkey (npm) Sep 3, 2020
Malicious Package in singale Critical
GHSA-crfh-jmv2-2f9v was published for singale (npm) Sep 3, 2020
Malicious Package in wbe3 Critical
GHSA-hg7w-2pf7-mxm2 was published for wbe3 (npm) Sep 3, 2020
Malicious Package in commanedr Critical
GHSA-xcgx-27q5-7634 was published for commanedr (npm) Sep 3, 2020
Malicious Package in coinpayment Critical
GHSA-3h99-v4qw-p2h5 was published for coinpayment (npm) Sep 3, 2020
Malicious Package in cxt Critical
GHSA-fpgg-r39h-3x5x was published for cxt (npm) Sep 3, 2020
Malicious Package in hdeky Critical
GHSA-255r-pghp-r5wh was published for hdeky (npm) Sep 3, 2020
Malicious Package in scryptys Critical
GHSA-vrxj-4qhw-5vwq was published for scryptys (npm) Sep 3, 2020
Malicious Package in we3b Critical
GHSA-36r8-9qq7-mh43 was published for we3b (npm) Sep 3, 2020
Malicious Package in awesome_react_utility Critical
GHSA-m25q-fwg4-9v2p was published for awesome_react_utility (npm) Sep 1, 2020
Malicious Package in json-serializer Critical
GHSA-7xfq-xh6v-4mrm was published for json-serializer (npm) Sep 1, 2020
Malicious Package in dynamo-schema Critical
GHSA-vp8g-53fw-r9f2 was published for dynamo-schema (npm) Sep 1, 2020
Command Injection in meta-git Critical
GHSA-qcff-ffx3-m25c was published for meta-git (npm) Sep 4, 2020
Command Injection in traceroute Critical
GHSA-rjvj-673q-4hfw was published for traceroute (npm) Sep 4, 2020
Insecure Cryptography Algorithm in parsel Critical
GHSA-wqgx-4q47-j2w5 was published for parsel (npm) Sep 4, 2020
Insufficient Entropy in parsel Critical
GHSA-vjvw-wcmw-pr26 was published for parsel (npm) Sep 4, 2020
Command Injection in pdf-image Critical
CVE-2018-3757 was published for pdf-image (npm) Sep 1, 2020
Malicious Package in boogeyman Critical
GHSA-9hc2-w9gg-q6jw was published for boogeyman (npm) Sep 1, 2020
Malicious Package in regenraotr Critical
GHSA-5x7p-gm79-383m was published for regenraotr (npm) Sep 1, 2020
Command Injection in priest-runner Critical
GHSA-9px9-f7jw-fwhj was published for priest-runner (npm) Sep 3, 2020
Malicious Package in rqeuest Critical
GHSA-pj97-j597-ppm7 was published for rqeuest (npm) Sep 2, 2020
Malicious Package in logsymbles Critical
GHSA-vcg5-9xw6-r56c was published for logsymbles (npm) Sep 2, 2020
Malicious Package in discord_debug_log Critical
GHSA-5x8q-gj67-rhf2 was published for discord_debug_log (npm) Sep 2, 2020
Malicious Package in aasync Critical
GHSA-9mjp-gv34-3jcf was published for aasync (npm) Sep 2, 2020
Malicious Package in requeest Critical
GHSA-8vj3-jgcf-77jv was published for requeest (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database