Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,127 advisories

Loading
Malicious Package in node-buc Critical
GHSA-x3m6-rprw-862w was published for node-buc (npm) Sep 3, 2020
Malicious Package in tiar Critical
GHSA-4hjg-w3ww-38c6 was published for tiar (npm) Sep 3, 2020
Malicious Package in hsf-clients Critical
GHSA-g5q2-fcg9-j526 was published for hsf-clients (npm) Sep 3, 2020
Malicious Package in midway-dataproxy Critical
GHSA-mq9h-cwc2-6j5r was published for midway-dataproxy (npm) Sep 3, 2020
Malicious Package in cal_rd Critical
GHSA-226w-6hhj-69hp was published for cal_rd (npm) Sep 3, 2020
Malicious Package in qingting Critical
GHSA-559q-92vx-xvjp was published for qingting (npm) Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep High
GHSA-h5mp-5q4p-ggf5 was published for lodash.defaultsdeep (npm) Sep 3, 2020
Cross-Site Scripting in bpmn-js-properties-panel High
GHSA-vpj4-89q8-rh38 was published for bpmn-js-properties-panel (npm) Sep 3, 2020
Directory traversal in rollup-plugin-server High
CVE-2020-7683 was published for rollup-plugin-server (npm) Jul 29, 2020
Malicious Package in asymc Critical
GHSA-x6ch-c6rv-f7wh was published for asymc (npm) Sep 2, 2020
CSRF vulnerability in save-server Moderate
CVE-2020-15135 was published for save-server (npm) Aug 4, 2020
Malicious Package in momen Critical
GHSA-h5vm-jhq7-w647 was published for momen (npm) Sep 2, 2020
Malicious Package in calk Critical
GHSA-9mmw-3fmh-96g3 was published for calk (npm) Sep 2, 2020
Malicious Package in reequest Critical
GHSA-rw4r-h883-8pf9 was published for reequest (npm) Sep 2, 2020
Malicious Package in reqquest Critical
GHSA-4jfq-q299-g4cr was published for reqquest (npm) Sep 2, 2020
Malicious Package in rrequest Critical
GHSA-wc7q-qpm4-8pqv was published for rrequest (npm) Sep 2, 2020
Malicious Package in experss Critical
GHSA-mmph-wp49-r48h was published for experss (npm) Sep 2, 2020
Malicious Package in requestt Critical
GHSA-2563-83p7-f34p was published for requestt (npm) Sep 2, 2020
Malicious Package in reuest Critical
GHSA-r863-p739-275c was published for reuest (npm) Sep 11, 2020
Malicious Package in requuest Critical
GHSA-frxq-v7fm-m4pv was published for requuest (npm) Sep 2, 2020
Malicious Package in asyync Critical
GHSA-rm7c-x424-g2mw was published for asyync (npm) Sep 2, 2020
Malicious Package in aysnc Critical
GHSA-gfjr-xqhm-qvv3 was published for aysnc (npm) Sep 2, 2020
Malicious Package in exprss Critical
GHSA-6qc7-jgq7-34rf was published for exprss (npm) Sep 2, 2020
Malicious Package in asnyc Critical
GHSA-v99v-xgjx-7m7g was published for asnyc (npm) Sep 2, 2020
Malicious Package in asycn Critical
GHSA-h26f-j4mv-84g7 was published for asycn (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database