Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,598 advisories

Loading
Remote Code Execution in office-converter High
GHSA-9p64-h5q4-phpm was published for office-converter (npm) Sep 2, 2020
Sandbox Breakout / Arbitrary Code Execution in static-eval High
GHSA-x9hc-rw35-f44h was published for static-eval (npm) Sep 2, 2020
Cross-Site Scripting in semantic-ui-search High
GHSA-p9vv-3945-x93h was published for semantic-ui-search (npm) Sep 2, 2020
NoSQL Injection in loopback-connector-mongodb High
GHSA-hxwc-5vw9-2w4w was published for loopback-connector-mongodb (npm) Sep 2, 2020
Cross-Site Scripting in bootstrap-vue High
GHSA-c7pp-x73h-4m2v was published for bootstrap-vue (npm) Sep 2, 2020
tdunlap607
Improper Authorization in loopback High
GHSA-8wgc-jjvv-cv6v was published for loopback (npm) Sep 2, 2020
Remote Code Execution in pi_video_recording High
GHSA-9wjh-jr2j-6r4x was published for pi_video_recording (npm) Sep 2, 2020
Arbitrary File Overwrite in decompress-zip High
GHSA-73v8-v6g4-vrpm was published for decompress-zip (npm) Sep 2, 2020
Denial of Service in serialize-to-js High
GHSA-w5q7-3pr9-x44w was published for serialize-to-js (npm) Sep 2, 2020
Improper Authorization in googleapis High
GHSA-7543-mr7h-6v86 was published for googleapis (npm) Sep 2, 2020
Command Injection in tomato High
GHSA-wqhw-frpx-5mmp was published for tomato (npm) Sep 2, 2020
Arbitrary JavaScript Execution in typed-function High
CVE-2017-1001004 was published for typed-function (npm) Sep 2, 2020
Command Injection in cocos-utils High
GHSA-rffp-mc78-wjf7 was published for cocos-utils (npm) Sep 2, 2020
Insecure Default Configuration in graphql-code-generator High
GHSA-9w87-4j72-gcv7 was published for graphql-code-generator (npm) Sep 2, 2020
Cross-Site Scripting in wangeditor High
GHSA-g7mw-5cq6-fv82 was published for wangeditor (npm) Sep 2, 2020
Cross-Site Scripting in jquery-mobile High
GHSA-fj93-7wm4-8x2g was published for jquery-mobile (npm) Sep 2, 2020
Cross-Site Scripting in fomantic-ui High
GHSA-788m-pj96-7w2c was published for fomantic-ui (npm) Sep 2, 2020
ag-grid Cross-Site Scripting vulnerability High
GHSA-7p6w-x2gr-rrf8 was published for ag-grid (npm) Sep 2, 2020
SQL Injection in sails-mysql High
GHSA-hx5x-49mm-vmhw was published for sails-mysql (npm) Sep 3, 2020
Command Injection in expressfs High
GHSA-mxmj-84q8-34r7 was published for expressfs (npm) Sep 3, 2020
Command Injection in addax High
GHSA-4q8f-5xxj-946r was published for addax (npm) Sep 3, 2020
HTML Injection in marky-markdown High
GHSA-mg69-6j3m-jvgw was published for marky-markdown (npm) Sep 3, 2020
Denial of Service in ammo High
GHSA-mg85-8mv5-ffjr was published for ammo (npm) Sep 3, 2020
Denial of Service in @hapi/accept High
GHSA-9vrw-m88g-w75q was published for @hapi/accept (npm) Sep 3, 2020
Denial of Service in @hapi/ammo High
GHSA-gjph-xf5q-6mfq was published for @hapi/ammo (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database