Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,014 advisories

Loading
Malicious Package in midway-dataproxy Critical
GHSA-mq9h-cwc2-6j5r was published for midway-dataproxy (npm) Sep 3, 2020
Malicious Package in tiar Critical
GHSA-4hjg-w3ww-38c6 was published for tiar (npm) Sep 3, 2020
Malicious Package in load-from-cwd-or-npm Critical
GHSA-jxf5-7x3j-8j9m was published for load-from-cwd-or-npm (npm) Sep 3, 2020
Malicious Package in my-very-own-package Critical
GHSA-crr2-ph72-c52g was published for my-very-own-package (npm) Sep 3, 2020
Malicious Package in appx-compiler Critical
GHSA-8q2c-2396-hf7j was published for appx-compiler (npm) Sep 3, 2020
Malicious Package in node-buc Critical
GHSA-x3m6-rprw-862w was published for node-buc (npm) Sep 3, 2020
Malicious Package in erquest Critical
GHSA-4pmg-jgm5-3jg6 was published for erquest (npm) Sep 2, 2020
Malicious Package in hulp Critical
GHSA-fqw7-8v6m-2f86 was published for hulp (npm) Sep 2, 2020
Malicious Package in jqeury Critical
GHSA-4964-cjrr-jg97 was published for jqeury (npm) Sep 2, 2020
Malicious Package in tensorplow Critical
GHSA-m2fp-c79h-rr79 was published for tensorplow (npm) Sep 2, 2020
Malicious Package in mogobd Critical
GHSA-jchg-g94r-64qg was published for mogobd (npm) Sep 3, 2020
Malicious Package in bowe Critical
GHSA-xmmp-hrmx-x5g7 was published for bowe (npm) Sep 2, 2020
Malicious Package in font-scrubber Critical
GHSA-65j7-66p7-9xgf was published for font-scrubber (npm) Sep 2, 2020
Malicious Package in serializes Critical
GHSA-j899-348x-h3rq was published for serializes (npm) Sep 3, 2020
Malicious Package in evil-package Critical
GHSA-p62r-jf56-h429 was published for evil-package (npm) Sep 3, 2020
Malicious Package in browserift Critical
GHSA-43vf-2x6g-p2m5 was published for browserift (npm) Sep 2, 2020
Malicious Package in froever Critical
GHSA-2r8f-2665-3gxq was published for froever (npm) Sep 2, 2020
Malicious Package in body-parse-xml Critical
GHSA-jcmh-9fvm-j39w was published for body-parse-xml (npm) Sep 3, 2020
Malicious Package in saync Critical
GHSA-pm9v-325f-5g74 was published for saync (npm) Sep 2, 2020
Malicious Package in colro-name Critical
GHSA-jp9g-5x75-ccp8 was published for colro-name (npm) Sep 2, 2020
Malicious Package in jquerz Critical
GHSA-c6f3-3c98-2j2f was published for jquerz (npm) Sep 2, 2020
Malicious Package in yeoman-genrator Critical
GHSA-fm7r-2pr7-rw2p was published for yeoman-genrator (npm) Sep 2, 2020
Malicious Package in sparkies Critical
GHSA-c4fm-46gm-4469 was published for sparkies (npm) Sep 3, 2020
Path Traversal in @wturyn/swagger-injector Critical
GHSA-4x7w-frcq-v4m3 was published for @wturyn/swagger-injector (npm) Sep 3, 2020
Malicious Package in discord.js-user Critical
GHSA-69r6-7h4f-9p7q was published for discord.js-user (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database