Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,015 advisories

Loading
Malicious Package in foever Critical
GHSA-j3qq-qvc8-c6g7 was published for foever (npm) Sep 1, 2020
Malicious Package in eslint-config-airbnb-standard Critical
GHSA-m852-866j-69j8 was published for eslint-config-airbnb-standard (npm) Sep 1, 2020
Malicious Package in flatmap-stream Critical
GHSA-9x64-5r7x-2q53 was published for flatmap-stream (npm) Sep 1, 2020
Malicious Package in angular-bmap Critical
GHSA-w8hg-mxvh-9h57 was published for angular-bmap (npm) Sep 1, 2020
Malicious Package in freshdom Critical
GHSA-8qm2-24qc-c4qg was published for freshdom (npm) Sep 1, 2020
Malicious Package in ladder-text-js Critical
GHSA-33gc-f8v9-v8hm was published for ladder-text-js (npm) Sep 1, 2020
Improper Authorization in react-oauth-flow Critical
GHSA-65m9-m259-7jqw was published for react-oauth-flow (npm) Sep 3, 2020
Malicious Package in m-backdoor Critical
GHSA-vv52-3mrp-455m was published for m-backdoor (npm) Sep 3, 2020
Command Injection in npm-git-publish Critical
GHSA-49mg-94fc-2fx6 was published for npm-git-publish (npm) Sep 4, 2020
Malicious Package in ripmed160 Critical
GHSA-gmjp-776j-2394 was published for ripmed160 (npm) Sep 3, 2020
Malicious Package in conistring Critical
GHSA-cfc5-x58f-869w was published for conistring (npm) Sep 3, 2020
Malicious Package in fs-extar Critical
GHSA-435c-qcpm-wjw5 was published for fs-extar (npm) Sep 3, 2020
Malicious Package in wallet-address-vaildator Critical
GHSA-m6q2-9pfm-2wvr was published for wallet-address-vaildator (npm) Sep 3, 2020
Malicious Package in ecuvre Critical
GHSA-cgvm-rvfv-c92r was published for ecuvre (npm) Sep 3, 2020
Malicious Package in coinstrng Critical
GHSA-hj5w-xgw9-w4rj was published for coinstrng (npm) Sep 3, 2020
Malicious Package in sb58 Critical
GHSA-674r-xx4c-gj7x was published for sb58 (npm) Sep 3, 2020
Command Injection in gnuplot Critical
GHSA-cfwc-xjfp-44jg was published for gnuplot (npm) Sep 4, 2020
Malicious Package in bpi39 Critical
GHSA-762c-v946-pf25 was published for bpi39 (npm) Sep 4, 2020
Malicious Package in bsae-x Critical
GHSA-mgff-xpg3-3gwc was published for bsae-x (npm) Sep 3, 2020
Malicious Package in coinstirng Critical
GHSA-ff6g-gm92-rf32 was published for coinstirng (npm) Sep 3, 2020
Malicious Package in colne Critical
GHSA-mhxg-pr3j-v9gr was published for colne (npm) Sep 3, 2020
Sandbox Breakout / Arbitrary Code Execution in pitboss-ng Critical
GHSA-3gpc-w23c-w59w was published for pitboss-ng (npm) Sep 4, 2020
Malicious Package in bitcroe-lib Critical
GHSA-4m3p-x2hp-2pgx was published for bitcroe-lib (npm) Sep 4, 2020
Sandbox Breakout / Arbitrary Code Execution in @zhaoyao91/eval-in-vm Critical
GHSA-jp99-5h8w-gmxc was published for @zhaoyao91/eval-in-vm (npm) Sep 4, 2020
Malicious Package in bictoind-rpc Critical
GHSA-jqvv-r4w3-8f7w was published for bictoind-rpc (npm) Sep 4, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database