Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,015 advisories

Loading
Malicious Package in bitconi-ops Critical
GHSA-w9hw-v97w-g5f5 was published for bitconi-ops (npm) Sep 4, 2020
Arbitrary File Write in iobroker.admin Critical
CVE-2019-10765 was published for iobroker.admin (npm) Sep 4, 2020
Malicious Package in bitcion-ops Critical
GHSA-85q4-v37c-wfpc was published for bitcion-ops (npm) Sep 4, 2020
Malicious Package in bitcoisnj-lib Critical
GHSA-629c-j867-3v45 was published for bitcoisnj-lib (npm) Sep 4, 2020
Malicious Package in bs58chek Critical
GHSA-3cpj-mj3q-82wr was published for bs58chek (npm) Sep 4, 2020
Command Injection in pidusage Critical
CVE-2017-16034 was published for pidusage (npm) Sep 1, 2020
Malicious Package in arsenic-tabasco-cyborg-peanut-butter Critical
GHSA-r742-7j4h-hjr8 was published for arsenic-tabasco-cyborg-peanut-butter (npm) Sep 3, 2020
Malicious Package in buvfer-xor Critical
GHSA-wjpj-gmc3-5w56 was published for buvfer-xor (npm) Sep 3, 2020
Malicious Package in buffmr-xor Critical
GHSA-wv39-cgmm-cq29 was published for buffmr-xor (npm) Sep 3, 2020
Malicious Package in j3-sha3 Critical
GHSA-p3jx-g34v-q56j was published for j3-sha3 (npm) Sep 3, 2020
Malicious Package in jq-sha3 Critical
GHSA-x8m7-cv39-xmg9 was published for jq-sha3 (npm) Sep 3, 2020
Malicious Package in buffep-xor Critical
GHSA-73wv-v82c-xmqv was published for buffep-xor (npm) Sep 3, 2020
Malicious Package in buffes-xor Critical
GHSA-28f4-mjfq-qrvf was published for buffes-xor (npm) Sep 3, 2020
Malicious Package in buffer-xob Critical
GHSA-gpg2-7r7j-4pm9 was published for buffer-xob (npm) Sep 3, 2020
Malicious Package in bwffer-xor Critical
GHSA-7qg7-6g3g-8vxg was published for bwffer-xor (npm) Sep 3, 2020
Malicious Package in sj-tw-test-security Critical
GHSA-rcv7-4w2m-gj9v was published for sj-tw-test-security (npm) Sep 3, 2020
Sandbox Breakout / Arbitrary Code Execution in sandbox Critical
GHSA-gc25-3vc5-2jf9 was published for sandbox (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in veval Critical
GHSA-54qm-37qr-w5wq was published for veval (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in lighter-vm Critical
GHSA-c3hq-7mxh-mqxf was published for lighter-vm (npm) Sep 4, 2020
Command Injection in gm Critical
CVE-2015-7982 was published for gm (npm) Sep 1, 2020
Malicious Package in mysql-koa Critical
GHSA-x45v-pvpg-hcrh was published for mysql-koa (npm) Sep 3, 2020
Malicious Package in 8.9.4 Critical
GHSA-725f-3pw7-rq6x was published for 8.9.4 (npm) Sep 3, 2020
Malicious Package in btffer-xor Critical
GHSA-8hrq-9wm7-v3jw was published for btffer-xor (npm) Sep 3, 2020
API Admin Auth Weakness in tomato Critical
CVE-2013-7379 was published for tomato (npm) Aug 31, 2020
Malicious Package in comander Critical
GHSA-4xg9-g7qj-jhg4 was published for comander (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database