Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,494
Maven
5,000+
npm
4,133
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,019 advisories

Loading
Malicious Package in scroool Critical
GHSA-p7w2-mc6m-mfx2 was published for scroool (npm) Sep 11, 2020
Malicious Package in grunt-radical Critical
GHSA-4627-w373-375v was published for grunt-radical (npm) Sep 11, 2020
Malicious Package in ng-ui-library Critical
GHSA-2xw5-3767-qxvm was published for ng-ui-library (npm) Sep 11, 2020
Malicious Package in grunt-radic Critical
GHSA-9p49-cwh3-4qhf was published for grunt-radic (npm) Sep 11, 2020
Malicious Package in github-jquery-widgets Critical
GHSA-c722-pv5w-cfg2 was published for github-jquery-widgets (npm) Sep 11, 2020
Malicious Package in ember-power-timepicker Critical
GHSA-28f8-hqmc-7ph8 was published for ember-power-timepicker (npm) Sep 11, 2020
Malicious Package in electron-native-notify Critical
GHSA-j8qr-rvcv-crhv was published for electron-native-notify (npm) Sep 11, 2020
Malicious Package in test-module-a Critical
GHSA-76xq-58hj-vwm2 was published for test-module-a (npm) Sep 11, 2020
Malicious Package in epress Critical
GHSA-vf8q-pw7h-r2x2 was published for epress (npm) Sep 11, 2020
Malicious Package in geoheat Critical
GHSA-p32g-242c-76h3 was published for geoheat (npm) Sep 11, 2020
Malicious Package in commmander Critical
GHSA-q42c-rrp3-r3xm was published for commmander (npm) Sep 11, 2020
Malicious Package in blubird Critical
GHSA-rvww-x6m4-4vc2 was published for blubird (npm) Sep 11, 2020
Malicious Package in angular-location-update Critical
GHSA-53jx-4wwh-gcqj was published for angular-location-update (npm) Sep 11, 2020
Malicious Package in commqnder Critical
GHSA-4xgp-xrg3-c73w was published for commqnder (npm) Sep 11, 2020
Malicious Package in equest Critical
GHSA-mvch-rh6h-2m47 was published for equest (npm) Sep 11, 2020
Malicious Package in angluar-cli Critical
GHSA-8mm3-2mcj-cx6r was published for angluar-cli (npm) Sep 11, 2020
Malicious Package in reuest Critical
GHSA-r863-p739-275c was published for reuest (npm) Sep 11, 2020
Malicious Package in shrugging-logging Critical
GHSA-qv78-398w-cxp7 was published for shrugging-logging (npm) Sep 11, 2020
Malicious Package in requst Critical
GHSA-8qx4-r7fx-xc4v was published for requst (npm) Sep 11, 2020
Privilege Escalation in cordova-plugin-inappbrowser Critical
CVE-2019-0219 was published for cordova-plugin-inappbrowser (npm) Sep 4, 2020
Command Injection in traceroute Critical
GHSA-rjvj-673q-4hfw was published for traceroute (npm) Sep 4, 2020
Insufficient Entropy in parsel Critical
GHSA-vjvw-wcmw-pr26 was published for parsel (npm) Sep 4, 2020
Insecure Cryptography Algorithm in parsel Critical
GHSA-wqgx-4q47-j2w5 was published for parsel (npm) Sep 4, 2020
Command Injection in npm-git-publish Critical
GHSA-49mg-94fc-2fx6 was published for npm-git-publish (npm) Sep 4, 2020
Command Injection in meta-git Critical
GHSA-qcff-ffx3-m25c was published for meta-git (npm) Sep 4, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database