Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,859 advisories

Loading
Malicious Package in bowee Critical
GHSA-wgvj-6v57-wjh3 was published for bowee (npm) Sep 2, 2020
Malicious Package in discord_debug_log Critical
GHSA-5x8q-gj67-rhf2 was published for discord_debug_log (npm) Sep 2, 2020
Command Injection in priest-runner Critical
GHSA-9px9-f7jw-fwhj was published for priest-runner (npm) Sep 3, 2020
XML External Entity (XXE) vulnerability in bw-calendar-engine Critical
CVE-2018-1000836 was published for org.bedework.caleng:bw-calendar-engine (Maven) Dec 20, 2018
Malicious Package in angluar-cli Critical
GHSA-8mm3-2mcj-cx6r was published for angluar-cli (npm) Sep 11, 2020
Malicious Package in commqnder Critical
GHSA-4xgp-xrg3-c73w was published for commqnder (npm) Sep 11, 2020
Malicious Package in shrugging-logging Critical
GHSA-qv78-398w-cxp7 was published for shrugging-logging (npm) Sep 11, 2020
Malicious Package in test-module-a Critical
GHSA-76xq-58hj-vwm2 was published for test-module-a (npm) Sep 11, 2020
Malicious Package in epress Critical
GHSA-vf8q-pw7h-r2x2 was published for epress (npm) Sep 11, 2020
Malicious Package in motiv.scss Critical
GHSA-2vqq-jgxx-fxjc was published for motiv.scss (npm) Sep 11, 2020
Malicious Package in ng-ui-library Critical
GHSA-2xw5-3767-qxvm was published for ng-ui-library (npm) Sep 11, 2020
Malicious Package in cicada-render Critical
GHSA-6m6m-j2hm-pxrg was published for cicada-render (npm) Sep 3, 2020
Malicious Package in only-test-not-install Critical
GHSA-g9wf-393q-4w38 was published for only-test-not-install (npm) Sep 3, 2020
Malicious Package in hpmm Critical
GHSA-vxfp-qmpq-6826 was published for hpmm (npm) Sep 3, 2020
Malicious Package in antd-cloud Critical
GHSA-j4vm-hg8g-g9qv was published for antd-cloud (npm) Sep 3, 2020
Malicious Package in sdfjghlkfjdshlkjdhsfg Critical
GHSA-gcfc-mgg3-8j2c was published for sdfjghlkfjdshlkjdhsfg (npm) Sep 3, 2020
Malicious Package in maleficent Critical
GHSA-cr5w-6rv4-r2qg was published for maleficent (npm) Sep 3, 2020
Malicious Package in mogoose Critical
GHSA-5mm9-55c9-p5r7 was published for mogoose (npm) Sep 3, 2020
Malicious Package in secure_identity_login_module Critical
GHSA-59x8-7wx6-4hj9 was published for secure_identity_login_module (npm) Sep 3, 2020
Malicious Package in fast-requests Critical
GHSA-wjf2-7f9g-86f5 was published for fast-requests (npm) Sep 3, 2020
Malicious Package in axios-http Critical
GHSA-r2rg-683g-ff96 was published for axios-http (npm) Sep 3, 2020
Malicious Package in midway-xtpl Critical
GHSA-w65v-hx54-xrqx was published for midway-xtpl (npm) Sep 3, 2020
Malicious Package in anarchy Critical
GHSA-jjhg-qw5v-r8xx was published for anarchy (npm) Sep 3, 2020
Malicious Package in bb-builder Critical
GHSA-vm6v-w6q2-mrrq was published for bb-builder (npm) Sep 3, 2020
Malicious Package in zemen Critical
GHSA-377f-vvrc-9wgg was published for zemen (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database