Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,598 advisories

Loading
Cross-Site Scripting in jquery.json-viewer High
GHSA-v9wp-8r97-v6xg was published for jquery.json-viewer (npm) Sep 3, 2020
Cross-Site Scripting in graylog-web-interface High
GHSA-9qgh-7pgp-hp7r was published for graylog-web-interface (npm) Sep 3, 2020
Cross-Site Scripting in @ionic/core High
GHSA-r3xc-47qg-h929 was published for @ionic/core (npm) Sep 3, 2020
Cross-Site Scripting in bleach High
GHSA-5634-rv46-48jf was published for bleach (npm) Sep 3, 2020
Path Traversal in restify-swagger-jsdoc High
GHSA-gvff-25cc-4f66 was published for restify-swagger-jsdoc (npm) Sep 3, 2020
Command Injection in soletta-dev-app High
GHSA-8mgg-5x65-m4m4 was published for soletta-dev-app (npm) Sep 11, 2020
Command Injection in addax High
GHSA-4q8f-5xxj-946r was published for addax (npm) Sep 3, 2020
SQL Injection in sails-mysql High
GHSA-hx5x-49mm-vmhw was published for sails-mysql (npm) Sep 3, 2020
Cross-Site Scripting in scratch-svg-renderer High
CVE-2020-7750 was published for scratch-svg-renderer (npm) Nov 9, 2020
Insecure Default Configuration in graphql-code-generator High
GHSA-9w87-4j72-gcv7 was published for graphql-code-generator (npm) Sep 2, 2020
NoSQL injection in express-cart High
GHSA-f5cv-xrv9-r8w7 was published for express-cart (npm) Sep 1, 2020
Entropy Backdoor in text-qrcode High
GHSA-h5vj-f7r9-w564 was published for text-qrcode (npm) Sep 1, 2020
Remote Code Execution in office-converter High
GHSA-9p64-h5q4-phpm was published for office-converter (npm) Sep 2, 2020
Missing Origin Validation in browserify-hmr High
CVE-2018-14730 was published for browserify-hmr (npm) Sep 1, 2020
File restriction bypass in socket.io-file High
GHSA-6495-8jvh-f28x was published for socket.io-file (npm) Oct 2, 2020
Denial of Service in serialize-to-js High
GHSA-w5q7-3pr9-x44w was published for serialize-to-js (npm) Sep 2, 2020
Cross-Site Scripting in mermaid High
GHSA-w32g-5hqp-gg6q was published for mermaid (npm) Sep 2, 2020
Improper Authorization in loopback High
GHSA-8wgc-jjvv-cv6v was published for loopback (npm) Sep 2, 2020
Directory Traversal in @vivaxy/here High
GHSA-m4vv-p6fq-jhqp was published for @vivaxy/here (npm) Sep 1, 2020
Byass due to validation before canonicalization in serve High
GHSA-wm7q-rxch-43mx was published for serve (npm) Sep 1, 2020
Denial of Service in hapi High
GHSA-7hx8-2rxv-66xv was published for hapi (npm) Sep 3, 2020
Cross-Site Scripting in bootstrap-select High
GHSA-9r7h-6639-v5mw was published for bootstrap-select (npm) Sep 3, 2020
Improper Authorization in @sap-cloud-sdk/core High
GHSA-r2vw-jgq9-jqx2 was published for @sap-cloud-sdk/core (npm) Sep 3, 2020
HTML Injection in marky-markdown High
GHSA-mg69-6j3m-jvgw was published for marky-markdown (npm) Sep 3, 2020
Denial of Service in @commercial/ammo High
GHSA-rhc3-76jw-4f2x was published for @commercial/ammo (npm) Sep 4, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database