Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,016 advisories

Loading
Path Traversal in sapper Critical
GHSA-f3vw-587g-r29g was published for sapper (npm) Sep 3, 2020
Command Injection in priest-runner Critical
GHSA-9px9-f7jw-fwhj was published for priest-runner (npm) Sep 3, 2020
Improper Authorization in react-oauth-flow Critical
GHSA-65m9-m259-7jqw was published for react-oauth-flow (npm) Sep 3, 2020
Command Injection in node-wifi Critical
GHSA-4x6x-782q-jfc4 was published for node-wifi (npm) Sep 3, 2020
Malicious Package in maleficent Critical
GHSA-cr5w-6rv4-r2qg was published for maleficent (npm) Sep 3, 2020
Malicious Package in mx-nested-menu Critical
GHSA-48hw-37g6-3gw4 was published for mx-nested-menu (npm) Sep 3, 2020
Malicious Package in vue-backbone Critical
GHSA-5635-9mvj-r6hp was published for vue-backbone (npm) Sep 3, 2020
Malicious Package in radicjs Critical
GHSA-56r9-v65c-34jm was published for radicjs (npm) Sep 3, 2020
Malicious Package in libubx Critical
GHSA-m7xv-7p93-g6q8 was published for libubx (npm) Sep 3, 2020
Malicious Package in leaflet-gpx Critical
GHSA-gjc9-932x-c59p was published for leaflet-gpx (npm) Sep 3, 2020
Malicious Package in jekyll-for-github-projects Critical
GHSA-j5qg-46p9-w2rp was published for jekyll-for-github-projects (npm) Sep 3, 2020
Malicious Package in pm-controls Critical
GHSA-84qj-9qf2-q92r was published for pm-controls (npm) Sep 3, 2020
Malicious Package in ngx-pica Critical
GHSA-76wf-2xcf-6wmx was published for ngx-pica (npm) Sep 3, 2020
Malicious Package in font-scrubber Critical
GHSA-65j7-66p7-9xgf was published for font-scrubber (npm) Sep 2, 2020
Malicious Package in kraken-api Critical
GHSA-fgfj-rj24-mj7q was published for kraken-api (npm) Sep 2, 2020
Malicious Package in rimrafall Critical
GHSA-8hq2-fcqm-39hq was published for rimrafall (npm) Sep 2, 2020
Malicious Package in yeoman-genrator Critical
GHSA-fm7r-2pr7-rw2p was published for yeoman-genrator (npm) Sep 2, 2020
Malicious Package in uglyfi-js Critical
GHSA-9xww-fwh9-95c5 was published for uglyfi-js (npm) Sep 2, 2020
Malicious Package in tensorplow Critical
GHSA-m2fp-c79h-rr79 was published for tensorplow (npm) Sep 2, 2020
Malicious Package in require-ports Critical
GHSA-qj3g-wfr7-3cv7 was published for require-ports (npm) Sep 2, 2020
Malicious Package in logsymbles Critical
GHSA-vcg5-9xw6-r56c was published for logsymbles (npm) Sep 2, 2020
Malicious Package in jquerz Critical
GHSA-c6f3-3c98-2j2f was published for jquerz (npm) Sep 2, 2020
Malicious Package in jqeury Critical
GHSA-4964-cjrr-jg97 was published for jqeury (npm) Sep 2, 2020
Malicious Package in hulp Critical
GHSA-fqw7-8v6m-2f86 was published for hulp (npm) Sep 2, 2020
Malicious Package in froever Critical
GHSA-2r8f-2665-3gxq was published for froever (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database