Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,016 advisories

Loading
Malicious Package in flatmap-stream Critical
GHSA-9x64-5r7x-2q53 was published for flatmap-stream (npm) Sep 1, 2020
Command Injection in samsung-remote Critical
GHSA-xhjx-mfr6-9rr4 was published for samsung-remote (npm) Sep 1, 2020
Malicious Package in foever Critical
GHSA-j3qq-qvc8-c6g7 was published for foever (npm) Sep 1, 2020
Malicious Package in soket.js Critical
GHSA-x6gq-467r-hwcc was published for soket.js (npm) Sep 1, 2020
Malicious Package in soket.io Critical
GHSA-wp2p-q35g-3rjj was published for soket.io (npm) Sep 1, 2020
Malicious Package in regenraotr Critical
GHSA-5x7p-gm79-383m was published for regenraotr (npm) Sep 1, 2020
Malicious Package in regenrator Critical
GHSA-m5p4-7wf9-6w99 was published for regenrator (npm) Sep 1, 2020
Malicious Package in axois Critical
GHSA-wpfc-3w63-g4hm was published for axois (npm) Sep 1, 2020
Malicious Package in boogeyman Critical
GHSA-9hc2-w9gg-q6jw was published for boogeyman (npm) Sep 1, 2020
Malicious Package in eslint-config-airbnb-standard Critical
GHSA-m852-866j-69j8 was published for eslint-config-airbnb-standard (npm) Sep 1, 2020
Malicious Package in eslint-config-eslint Critical
GHSA-pv55-r6j3-wp94 was published for eslint-config-eslint (npm) Sep 1, 2020
Command Injection in pdf-image Critical
CVE-2018-3757 was published for pdf-image (npm) Sep 1, 2020
Malicious Package in ladder-text-js Critical
GHSA-33gc-f8v9-v8hm was published for ladder-text-js (npm) Sep 1, 2020
Malicious Package in nothing-js Critical
GHSA-353r-3v84-9pjj was published for nothing-js (npm) Sep 1, 2020
Malicious Package in getcookies Critical
GHSA-3cjv-4phw-gvvv was published for getcookies (npm) Sep 1, 2020
Malicious Package in dictum.js Critical
GHSA-j5jc-jf8f-86q7 was published for dictum.js (npm) Sep 1, 2020
Malicious Package in nginxbeautifier Critical
GHSA-28xx-8j99-m32j was published for nginxbeautifier (npm) Sep 1, 2020
Malicious Package in xoc Critical
GHSA-54cr-gv8w-8324 was published for xoc (npm) Sep 1, 2020
Malicious Package in simple-alipay Critical
GHSA-3wh2-2pp3-2823 was published for simple-alipay (npm) Sep 1, 2020
Malicious Package in s3asy Critical
GHSA-3wjm-33mw-h388 was published for s3asy (npm) Sep 1, 2020
Malicious Package in react-server-native Critical
GHSA-fwvp-x5gj-773j was published for react-server-native (npm) Sep 1, 2020
Malicious Package in react-dates-sc Critical
GHSA-5645-gc7h-98h8 was published for react-dates-sc (npm) Sep 1, 2020
Malicious Package in rc-calendar-jhorst Critical
GHSA-4c87-gg2q-fc6m was published for rc-calendar-jhorst (npm) Sep 1, 2020
Malicious Package in oauth-validator Critical
GHSA-cxcf-78mr-wpg7 was published for oauth-validator (npm) Sep 1, 2020
Malicious Package in modlibrary Critical
GHSA-94m7-w873-6wwf was published for modlibrary (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database