Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,014 advisories

Loading
Malicious Package in buffar-xor Critical
GHSA-f64g-whxf-w8f2 was published for buffar-xor (npm) Sep 3, 2020
Malicious Package in buffer-xmr Critical
GHSA-5327-gfq5-8f4m was published for buffer-xmr (npm) Sep 3, 2020
Malicious Package in budfer-xor Critical
GHSA-6584-gfwm-3vc3 was published for budfer-xor (npm) Sep 3, 2020
Malicious Package in bmap Critical
GHSA-p59g-6cqr-m73w was published for bmap (npm) Sep 3, 2020
Malicious Package in yeoman-genrator Critical
GHSA-f7g4-fm4c-54m9 was published for yeoman-genrator (npm) Sep 3, 2020
Malicious Package in buffer-xo2 Critical
GHSA-f72h-wf57-7xwh was published for buffer-xo2 (npm) Sep 3, 2020
Malicious Package in buffer-xos Critical
GHSA-h2j3-gg8w-4858 was published for buffer-xos (npm) Sep 3, 2020
Malicious Package in jquerz Critical
GHSA-c6f3-3c98-2j2f was published for jquerz (npm) Sep 2, 2020
Malicious Package in froever Critical
GHSA-2r8f-2665-3gxq was published for froever (npm) Sep 2, 2020
Malicious Package in yeoman-genrator Critical
GHSA-fm7r-2pr7-rw2p was published for yeoman-genrator (npm) Sep 2, 2020
Malicious Package in tensorplow Critical
GHSA-m2fp-c79h-rr79 was published for tensorplow (npm) Sep 2, 2020
Malicious Package in saync Critical
GHSA-pm9v-325f-5g74 was published for saync (npm) Sep 2, 2020
Malicious Package in font-scrubber Critical
GHSA-65j7-66p7-9xgf was published for font-scrubber (npm) Sep 2, 2020
Malicious Package in erquest Critical
GHSA-4pmg-jgm5-3jg6 was published for erquest (npm) Sep 2, 2020
Malicious Package in colro-name Critical
GHSA-jp9g-5x75-ccp8 was published for colro-name (npm) Sep 2, 2020
Malicious Package in bowe Critical
GHSA-xmmp-hrmx-x5g7 was published for bowe (npm) Sep 2, 2020
Malicious Package in jqeury Critical
GHSA-4964-cjrr-jg97 was published for jqeury (npm) Sep 2, 2020
Malicious Package in browserift Critical
GHSA-43vf-2x6g-p2m5 was published for browserift (npm) Sep 2, 2020
Malicious Package in hulp Critical
GHSA-fqw7-8v6m-2f86 was published for hulp (npm) Sep 2, 2020
Malicious Package in js-base64-int Critical
GHSA-76qf-6mvw-c5hm was published for js-base64-int (npm) Sep 3, 2020
Malicious Package in js-regular Critical
GHSA-qcc9-q247-3m2m was published for js-regular (npm) Sep 3, 2020
Malicious Package in mogodb-core Critical
GHSA-g4m3-rpxr-h7vg was published for mogodb-core (npm) Sep 3, 2020
Malicious Package in discord.js-user Critical
GHSA-69r6-7h4f-9p7q was published for discord.js-user (npm) Sep 3, 2020
Malicious Package in sparkies Critical
GHSA-c4fm-46gm-4469 was published for sparkies (npm) Sep 3, 2020
Path Traversal in swagger-injector Critical
GHSA-v4x8-gw49-7hv4 was published for swagger-injector (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database