Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,020 advisories

Loading
Malicious Package in axios-http Critical
GHSA-r2rg-683g-ff96 was published for axios-http (npm) Sep 3, 2020
Malicious Package in crytpo-js Critical
GHSA-m4fq-xh7w-jhfm was published for crytpo-js (npm) Sep 3, 2020
Command Injection in marsdb Critical
GHSA-5mrr-rgp6-x4gr was published for marsdb (npm) Sep 3, 2020
Malicious Package in bb-builder Critical
GHSA-vm6v-w6q2-mrrq was published for bb-builder (npm) Sep 3, 2020
Malicious Package in device-mqtt Critical
GHSA-563h-697m-j7x5 was published for device-mqtt (npm) Sep 3, 2020
Malicious Package in slush-fullstack-framework Critical
GHSA-4j54-mmmv-hjpm was published for slush-fullstack-framework (npm) Sep 3, 2020
Malicious Package in pensi-scheduler Critical
GHSA-j4ch-mw66-xmqv was published for pensi-scheduler (npm) Sep 3, 2020
Malicious Package in pyramid-proportion Critical
GHSA-v6vv-hhqc-6hh2 was published for pyramid-proportion (npm) Sep 3, 2020
Malicious Package in ngx-context-menu Critical
GHSA-xwg3-gjxh-c8pm was published for ngx-context-menu (npm) Sep 3, 2020
Malicious Package in @fangrong/xoc Critical
GHSA-pjxp-f379-6284 was published for @fangrong/xoc (npm) Sep 3, 2020
Malicious Package in iie-viz Critical
GHSA-jf55-rgpx-p6rx was published for iie-viz (npm) Sep 3, 2020
Malicious Package in jquery-airload Critical
GHSA-78p3-96hc-3j47 was published for jquery-airload (npm) Sep 3, 2020
Malicious Package in uploader-plugin Critical
GHSA-fx6f-fpfv-5hmc was published for uploader-plugin (npm) Sep 3, 2020
Malicious Package in zemen Critical
GHSA-377f-vvrc-9wgg was published for zemen (npm) Sep 3, 2020
Malicious Package in sailclothjs Critical
GHSA-m5pf-5894-jmx7 was published for sailclothjs (npm) Sep 3, 2020
Malicious Package in cal_rd Critical
GHSA-226w-6hhj-69hp was published for cal_rd (npm) Sep 3, 2020
Path Traversal in f-serv Critical
GHSA-vx5w-cxch-wwc9 was published for f-serv (npm) Sep 3, 2020
Malicious Package in anarchy Critical
GHSA-jjhg-qw5v-r8xx was published for anarchy (npm) Sep 3, 2020
Malicious Package in fast-requests Critical
GHSA-wjf2-7f9g-86f5 was published for fast-requests (npm) Sep 3, 2020
Malicious Package in cage-js Critical
GHSA-jf8x-wg7f-p3w8 was published for cage-js (npm) Sep 3, 2020
Malicious Package in rate-map Critical
GHSA-x48m-gp6r-gp4v was published for rate-map (npm) Sep 3, 2020
Malicious Package in load-from-cwd-or-npm Critical
GHSA-jxf5-7x3j-8j9m was published for load-from-cwd-or-npm (npm) Sep 3, 2020
Malicious Package in nodes.js Critical
GHSA-38vq-cjh5-vw7x was published for nodes.js (npm) Sep 3, 2020
Malicious Package in deasyncp Critical
GHSA-qfc9-x7gv-27jr was published for deasyncp (npm) Sep 3, 2020
Malicious Package in sdfjghlkfjdshlkjdhsfg Critical
GHSA-gcfc-mgg3-8j2c was published for sdfjghlkfjdshlkjdhsfg (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database