Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,598 advisories

Loading
Directory Traversal in yjmyjmyjm High
GHSA-g376-whg7-896m was published for yjmyjmyjm (npm) Sep 1, 2020
Directory Traversal in scott-blanch-weather-app High
CVE-2017-16184 was published for scott-blanch-weather-app (npm) Sep 1, 2020
Directory Traversal in iter-server High
CVE-2017-16183 was published for iter-server (npm) Sep 1, 2020
Directory Traversal in serve46 High
CVE-2017-16148 was published for serve46 (npm) Sep 1, 2020
Directory Traversal in wintiwebdev High
CVE-2017-16181 was published for wintiwebdev (npm) Sep 1, 2020
Directory Traversal in chatbyvista High
CVE-2017-16177 was published for chatbyvista (npm) Sep 1, 2020
Directory Traversal in jansenstuffpleasework High
CVE-2017-16176 was published for jansenstuffpleasework (npm) Sep 1, 2020
Directory Traversal in section2.madisonjbrooks12 High
CVE-2017-16172 was published for section2.madisonjbrooks12 (npm) Sep 1, 2020
mysqljs is malware High
CVE-2017-16047 was published for mysqljs (npm) Sep 1, 2020
Directory Traversal in @vivaxy/here High
GHSA-m4vv-p6fq-jhqp was published for @vivaxy/here (npm) Sep 1, 2020
Path Traversal in 626 High
CVE-2018-3727 was published for 626 (npm) Sep 1, 2020
Cross-Site Scripting in mrk.js High
GHSA-hpr5-wp7c-hh5q was published for mrk.js (npm) Sep 1, 2020
Byass due to validation before canonicalization in serve High
GHSA-wm7q-rxch-43mx was published for serve (npm) Sep 1, 2020
Cross-Site Scripting in react-marked-markdown High
GHSA-m7qm-r2r5-f77q was published for react-marked-markdown (npm) Sep 1, 2020
Path Traversal in express-cart High
GHSA-8h8v-6qqm-fwpq was published for express-cart (npm) Sep 1, 2020
NoSQL injection in express-cart High
GHSA-f5cv-xrv9-r8w7 was published for express-cart (npm) Sep 1, 2020
Missing Origin Validation in browserify-hmr High
CVE-2018-14730 was published for browserify-hmr (npm) Sep 1, 2020
Entropy Backdoor in text-qrcode High
GHSA-h5vj-f7r9-w564 was published for text-qrcode (npm) Sep 1, 2020
Cross-Site Scripting in buefy High
GHSA-xwqw-rf2q-xmhf was published for buefy (npm) Sep 1, 2020
Cross-Site Scripting in md-data-table High
GHSA-hgr5-82rc-p936 was published for md-data-table (npm) Sep 1, 2020
Cross-Site Scripting in jingo High
GHSA-mpjf-8cmf-p789 was published for jingo (npm) Sep 1, 2020
Denial of Service in markdown-it-toc-and-anchor High
GHSA-x6m6-5hrf-fh6r was published for markdown-it-toc-and-anchor (npm) Sep 1, 2020
mprpic
Cross-Site Scripting in mermaid High
GHSA-w32g-5hqp-gg6q was published for mermaid (npm) Sep 2, 2020
Sensitive Data Exposure in rails-session-decoder High
GHSA-44vf-8ffm-v2qh was published for rails-session-decoder (npm) Sep 2, 2020
Remote Code Execution in pomelo-monitor High
GHSA-m5ch-gx8g-rg73 was published for pomelo-monitor (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database