Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,868 advisories

Loading
Malicious Package in coffee-project Critical
GHSA-3fv6-q5xv-fhpw was published for coffee-project (npm) Sep 1, 2020
Malicious Package in cordova-plugin-china-picker Critical
GHSA-x9gm-qxhh-rf75 was published for cordova-plugin-china-picker (npm) Sep 1, 2020
Malicious Package in css_transform_support Critical
GHSA-45cp-hpc9-8347 was published for css_transform_support (npm) Sep 1, 2020
Malicious Package in css_transform_step Critical
GHSA-4rx9-58m7-gr8w was published for css_transform_step (npm) Sep 1, 2020
Malicious Package in dynamo-schema Critical
GHSA-vp8g-53fw-r9f2 was published for dynamo-schema (npm) Sep 1, 2020
Malicious Package in dossier Critical
GHSA-c8h6-89q2-mgv8 was published for dossier (npm) Sep 1, 2020
Malicious Package in impala Critical
GHSA-92px-q4w8-hrr5 was published for impala (npm) Sep 1, 2020
Malicious Package in freshdom Critical
GHSA-8qm2-24qc-c4qg was published for freshdom (npm) Sep 1, 2020
Malicious Package in jasmin Critical
GHSA-9cq4-mhmr-84gm was published for jasmin (npm) Sep 1, 2020
Malicious Package in json-serializer Critical
GHSA-7xfq-xh6v-4mrm was published for json-serializer (npm) Sep 1, 2020
Malicious Package in modlibrary Critical
GHSA-94m7-w873-6wwf was published for modlibrary (npm) Sep 1, 2020
Malicious Package in oauth-validator Critical
GHSA-cxcf-78mr-wpg7 was published for oauth-validator (npm) Sep 1, 2020
Malicious Package in rc-calendar-jhorst Critical
GHSA-4c87-gg2q-fc6m was published for rc-calendar-jhorst (npm) Sep 1, 2020
Malicious Package in react-dates-sc Critical
GHSA-5645-gc7h-98h8 was published for react-dates-sc (npm) Sep 1, 2020
Malicious Package in react-server-native Critical
GHSA-fwvp-x5gj-773j was published for react-server-native (npm) Sep 1, 2020
Malicious Package in s3asy Critical
GHSA-3wjm-33mw-h388 was published for s3asy (npm) Sep 1, 2020
Malicious Package in simple-alipay Critical
GHSA-3wh2-2pp3-2823 was published for simple-alipay (npm) Sep 1, 2020
Malicious Package in xoc Critical
GHSA-54cr-gv8w-8324 was published for xoc (npm) Sep 1, 2020
Malicious Package in nginxbeautifier Critical
GHSA-28xx-8j99-m32j was published for nginxbeautifier (npm) Sep 1, 2020
Malicious Package in dictum.js Critical
GHSA-j5jc-jf8f-86q7 was published for dictum.js (npm) Sep 1, 2020
Malicious Package in getcookies Critical
GHSA-3cjv-4phw-gvvv was published for getcookies (npm) Sep 1, 2020
Malicious Package in nothing-js Critical
GHSA-353r-3v84-9pjj was published for nothing-js (npm) Sep 1, 2020
Malicious Package in ladder-text-js Critical
GHSA-33gc-f8v9-v8hm was published for ladder-text-js (npm) Sep 1, 2020
Command Injection in pdf-image Critical
CVE-2018-3757 was published for pdf-image (npm) Sep 1, 2020
Malicious Package in eslint-config-eslint Critical
GHSA-pv55-r6j3-wp94 was published for eslint-config-eslint (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database