GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
1,598 advisories
Filter by severity
Cross-Site Scripting in jquery-mobile
High
GHSA-fj93-7wm4-8x2g
was published
for
jquery-mobile
(npm)
Sep 2, 2020
Remote Code Execution in pomelo-monitor
High
GHSA-m5ch-gx8g-rg73
was published
for
pomelo-monitor
(npm)
Sep 2, 2020
Denial of Service in @commercial/subtext
High
GHSA-cvfm-xjc8-f2vm
was published
for
@commercial/subtext
(npm)
Sep 3, 2020
Cross-Site Scripting in md-data-table
High
GHSA-hgr5-82rc-p936
was published
for
md-data-table
(npm)
Sep 1, 2020
Path Traversal in express-cart
High
GHSA-8h8v-6qqm-fwpq
was published
for
express-cart
(npm)
Sep 1, 2020
Denial of Service in @hapi/ammo
High
GHSA-gjph-xf5q-6mfq
was published
for
@hapi/ammo
(npm)
Sep 3, 2020
Denial of Service in @commercial/hapi
High
GHSA-66mv-xh68-h6v2
was published
for
@commercial/hapi
(npm)
Sep 3, 2020
Cross-Site Scripting in markdown-it-katex
High
GHSA-5ff8-jcf9-fw62
was published
for
markdown-it-katex
(npm)
Sep 4, 2020
Prototype Pollution in @hapi/subtext
High
GHSA-g9cg-h3jm-cwrc
was published
for
@hapi/subtext
(npm)
Sep 3, 2020
Prototype Pollution in handlebars
High
GHSA-g9r4-xpmj-mj65
was published
for
handlebars
(npm)
Sep 4, 2020
Prototype Pollution in getsetdeep
High
GHSA-8j49-49jq-vwcq
was published
for
getsetdeep
(npm)
Sep 4, 2020
Prototype Pollution in get-setter
High
GHSA-ch82-gqh6-9xj9
was published
for
get-setter
(npm)
Sep 4, 2020
Downloads Resources over HTTP in node-air-sdk
High
CVE-2016-10647
was published
for
node-air-sdk
(npm)
Sep 1, 2020
Cross-Site Scripting in snekserve
High
GHSA-hv4w-jhcj-6wfw
was published
for
snekserve
(npm)
Sep 3, 2020
Unauthorized File Access in node-git-server
High
GHSA-cv3v-7846-6pxm
was published
for
node-git-server
(npm)
Sep 3, 2020
Prototype Pollution in lodash.merge
High
GHSA-2m96-9w4j-wgv7
was published
for
lodash.merge
(npm)
Sep 3, 2020
Cross-Site Scripting in dmn-js-properties-panel
High
GHSA-h9wr-xr4r-66fh
was published
for
dmn-js-properties-panel
(npm)
Sep 3, 2020
ProTip!
Advisories are also available from the
GraphQL API