Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,868 advisories

Loading
Malicious Package in js-sia3 Critical
GHSA-3mhm-jvqj-fvhg was published for js-sia3 (npm) Sep 3, 2020
Malicious Package in js-sja3 Critical
GHSA-6343-m2qr-66gf was published for js-sja3 (npm) Sep 3, 2020
Malicious Package in js-sla3 Critical
GHSA-h6m3-cx24-9626 was published for js-sla3 (npm) Sep 3, 2020
Malicious Package in js-wha3 Critical
GHSA-785g-gx74-gr39 was published for js-wha3 (npm) Sep 3, 2020
Malicious Package in js-sxa3 Critical
GHSA-jh67-3wqw-cvhr was published for js-sxa3 (npm) Sep 3, 2020
Malicious Package in jsmsha3 Critical
GHSA-657v-jjf8-83gh was published for jsmsha3 (npm) Sep 3, 2020
Malicious Package in jw-sha3 Critical
GHSA-8g3r-968r-c644 was published for jw-sha3 (npm) Sep 3, 2020
Malicious Package in ks-sha3 Critical
GHSA-563h-49v8-g7x4 was published for ks-sha3 (npm) Sep 3, 2020
Malicious Package in ns-sha3 Critical
GHSA-j67m-jg9p-ppg4 was published for ns-sha3 (npm) Sep 3, 2020
Malicious Package in zs-sha3 Critical
GHSA-7696-qr5q-pg37 was published for zs-sha3 (npm) Sep 3, 2020
Malicious Package in owl-orchard-apple-sunshine Critical
GHSA-h24p-2c3m-5qf4 was published for owl-orchard-apple-sunshine (npm) Sep 3, 2020
Malicious Package in sj-tw-test-security Critical
GHSA-rcv7-4w2m-gj9v was published for sj-tw-test-security (npm) Sep 3, 2020
Malicious Package in sj-tw-sec Critical
GHSA-692h-g37c-qv44 was published for sj-tw-sec (npm) Sep 3, 2020
Malicious Package in sj-tw-abc Critical
GHSA-4hfc-fv33-ph9p was published for sj-tw-abc (npm) Sep 3, 2020
Malicious Package in arsenic-tabasco-cyborg-peanut-butter Critical
GHSA-r742-7j4h-hjr8 was published for arsenic-tabasco-cyborg-peanut-butter (npm) Sep 3, 2020
Malicious Package in superhappyfuntime Critical
GHSA-6qgx-f452-7699 was published for superhappyfuntime (npm) Sep 3, 2020
Malicious Package in sj-labc Critical
GHSA-4fqg-89cc-5pv5 was published for sj-labc (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in lighter-vm Critical
GHSA-c3hq-7mxh-mqxf was published for lighter-vm (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in sandbox Critical
GHSA-gc25-3vc5-2jf9 was published for sandbox (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in pitboss-ng Critical
GHSA-3gpc-w23c-w59w was published for pitboss-ng (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in @zhaoyao91/eval-in-vm Critical
GHSA-jp99-5h8w-gmxc was published for @zhaoyao91/eval-in-vm (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in veval Critical
GHSA-54qm-37qr-w5wq was published for veval (npm) Sep 4, 2020
Malicious Package in malicious-npm-package Critical
GHSA-49c6-3wr4-8jr4 was published for malicious-npm-package (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in localeval Critical
GHSA-mmqv-m45h-q2hp was published for localeval (npm) Sep 4, 2020
Malicious Package in cxct Critical
GHSA-c5xm-m64m-f2vq was published for cxct (npm) Sep 4, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database