Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,015 advisories

Loading
Malicious Package in buffer-xos Critical
GHSA-h2j3-gg8w-4858 was published for buffer-xos (npm) Sep 3, 2020
Malicious Package in yeoman-genrator Critical
GHSA-f7g4-fm4c-54m9 was published for yeoman-genrator (npm) Sep 3, 2020
Malicious Package in require-port Critical
GHSA-rrvm-gqq8-q2wx was published for require-port (npm) Sep 3, 2020
Malicious Package in buffer-hor Critical
GHSA-wh87-3959-vfrq was published for buffer-hor (npm) Sep 3, 2020
Malicious Package in bubfer-xor Critical
GHSA-vm67-mh96-95mq was published for bubfer-xor (npm) Sep 3, 2020
Malicious Package in buffar-xor Critical
GHSA-f64g-whxf-w8f2 was published for buffar-xor (npm) Sep 3, 2020
Malicious Package in buffer-xmr Critical
GHSA-5327-gfq5-8f4m was published for buffer-xmr (npm) Sep 3, 2020
Malicious Package in budfer-xor Critical
GHSA-6584-gfwm-3vc3 was published for budfer-xor (npm) Sep 3, 2020
Malicious Package in saync Critical
GHSA-pm9v-325f-5g74 was published for saync (npm) Sep 2, 2020
Malicious Package in font-scrubber Critical
GHSA-65j7-66p7-9xgf was published for font-scrubber (npm) Sep 2, 2020
Path Traversal in @wturyn/swagger-injector Critical
GHSA-4x7w-frcq-v4m3 was published for @wturyn/swagger-injector (npm) Sep 3, 2020
Malicious Package in bowe Critical
GHSA-xmmp-hrmx-x5g7 was published for bowe (npm) Sep 2, 2020
Malicious Package in jqeury Critical
GHSA-4964-cjrr-jg97 was published for jqeury (npm) Sep 2, 2020
Malicious Package in browserift Critical
GHSA-43vf-2x6g-p2m5 was published for browserift (npm) Sep 2, 2020
Malicious Package in erquest Critical
GHSA-4pmg-jgm5-3jg6 was published for erquest (npm) Sep 2, 2020
Malicious Package in colro-name Critical
GHSA-jp9g-5x75-ccp8 was published for colro-name (npm) Sep 2, 2020
Malicious Package in discord.js-user Critical
GHSA-69r6-7h4f-9p7q was published for discord.js-user (npm) Sep 3, 2020
Malicious Package in hulp Critical
GHSA-fqw7-8v6m-2f86 was published for hulp (npm) Sep 2, 2020
Malicious Package in js-base64-int Critical
GHSA-76qf-6mvw-c5hm was published for js-base64-int (npm) Sep 3, 2020
Malicious Package in js-regular Critical
GHSA-qcc9-q247-3m2m was published for js-regular (npm) Sep 3, 2020
Malicious Package in mogodb-core Critical
GHSA-g4m3-rpxr-h7vg was published for mogodb-core (npm) Sep 3, 2020
Malicious Package in mogobd Critical
GHSA-jchg-g94r-64qg was published for mogobd (npm) Sep 3, 2020
Malicious Package in body-parse-xml Critical
GHSA-jcmh-9fvm-j39w was published for body-parse-xml (npm) Sep 3, 2020
Malicious Package in koa-body-parse Critical
GHSA-wqgq-mfvj-6qxp was published for koa-body-parse (npm) Sep 3, 2020
Malicious Package in jquerz Critical
GHSA-c6f3-3c98-2j2f was published for jquerz (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database