Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

10,602 advisories

Loading
Open Redirect in apostrophe Moderate
GHSA-h97g-4mx7-5p2p was published for apostrophe (npm) Sep 3, 2020
Cross-Site Scripting in @berslucas/liljs Moderate
GHSA-c53x-wwx2-pg96 was published for @berslucas/liljs (npm) Sep 3, 2020
Prototype Pollution in sds Moderate
CVE-2020-7618 was published for sds (npm) Sep 3, 2020
Buffer Overflow in node-weakauras-parser Moderate
GHSA-86mr-6m89-vgj3 was published for node-weakauras-parser (npm) Sep 3, 2020
HTML Injection in marky-markdown Moderate
GHSA-pxmp-fwjc-4x7q was published for marky-markdown (npm) Sep 3, 2020
Denial of Service in ipfs-bitswap Moderate
GHSA-6fcr-9h9g-23fq was published for ipfs-bitswap (npm) Sep 2, 2020
mprpic
Sandbox Breakout / Arbitrary Code Execution in value-censorship Moderate
GHSA-xrr6-6ww3-f3qm was published for value-censorship (npm) Sep 2, 2020
Cross-Site Scripting in google-closure-library Moderate
GHSA-r9q4-w3fm-wrm2 was published for google-closure-library (npm) Sep 2, 2020
HTML Injection in preact Moderate
GHSA-cg48-9hh2-x6mx was published for preact (npm) Sep 2, 2020
Use-After-Free in puppeteer Moderate
CVE-2019-5786 was published for puppeteer (npm) Sep 2, 2020
Unauthorized File Access in glance Moderate
GHSA-vw7g-jq9m-3q9v was published for glance (npm) Sep 2, 2020
Cross-Site Scripting in buttle Moderate
GHSA-pqpp-2363-649v was published for buttle (npm) Sep 2, 2020
Cross-Site Scripting in harp Moderate
GHSA-cx7r-634m-2q2h was published for harp (npm) Sep 2, 2020 withdrawn
Information Disclosure in TYPO3 extension sf_event_mgt Moderate
CVE-2020-25026 was published for derhansen/sf_event_mgt (Composer) Sep 2, 2020
derhansen
Prototype Pollution in smart-extend Moderate
GHSA-f8h3-rqrm-47v9 was published for smart-extend (npm) Sep 2, 2020
Sandbox Breakout / Arbitrary Code Execution in sandbox Moderate
GHSA-fm4j-4xhm-xpwx was published for sandbox (npm) Sep 2, 2020
Remote Memory Exposure in bl Moderate
CVE-2020-8244 was published for bl (npm) Sep 2, 2020
Out-of-bounds Read in base64url Moderate
GHSA-rvg8-pwq2-xj7q was published for base64url (npm) Sep 1, 2020
tdunlap607
Remote Memory Exposure in openwhisk Moderate
GHSA-53mj-mc38-q894 was published for openwhisk (npm) Sep 1, 2020
Remote Memory Exposure in mongoose Moderate
GHSA-r5xw-q988-826m was published for mongoose (npm) Sep 1, 2020
mprpic
Directory Traversal in featurebook Moderate
GHSA-7x92-2j68-h32c was published for featurebook (npm) Sep 1, 2020
cross-env.js is malware Moderate
CVE-2017-16081 was published for cross-env.js (npm) Sep 1, 2020
Nodesass is malware Moderate
CVE-2017-16080 was published for nodesass (npm) Sep 1, 2020
Tracking Module in botbait Moderate
CVE-2017-16126 was published for botbait (npm) Sep 1, 2020
Directory Traversal in dasafio Moderate
CVE-2017-16179 was published for dasafio (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database