GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
951 advisories
Filter by severity
Malicious Package in cordova-plugin-china-picker
Critical
GHSA-x9gm-qxhh-rf75
was published
for
cordova-plugin-china-picker
(npm)
Sep 1, 2020
Malicious Package in blingjs
Critical
GHSA-hfc6-79wv-5hpw
was published
for
blingjs
(npm)
Sep 1, 2020
Malicious Package in soket.js
Critical
GHSA-x6gq-467r-hwcc
was published
for
soket.js
(npm)
Sep 1, 2020
Malicious Package in reqquest
Critical
GHSA-4jfq-q299-g4cr
was published
for
reqquest
(npm)
Sep 2, 2020
Malicious Package in reequest
Critical
GHSA-rw4r-h883-8pf9
was published
for
reequest
(npm)
Sep 2, 2020
Malicious Package in rrequest
Critical
GHSA-wc7q-qpm4-8pqv
was published
for
rrequest
(npm)
Sep 2, 2020
Malicious Package in hsf-clients
Critical
GHSA-g5q2-fcg9-j526
was published
for
hsf-clients
(npm)
Sep 3, 2020
Malicious Package in midway-dataproxy
Critical
GHSA-mq9h-cwc2-6j5r
was published
for
midway-dataproxy
(npm)
Sep 3, 2020
Malicious Package in maybemaliciouspackage
Critical
GHSA-m9r7-q9fc-qwx5
was published
for
maybemaliciouspackage
(npm)
Sep 3, 2020
Malicious Package in my-very-own-package
Critical
GHSA-crr2-ph72-c52g
was published
for
my-very-own-package
(npm)
Sep 3, 2020
Malicious Package in appx-compiler
Critical
GHSA-8q2c-2396-hf7j
was published
for
appx-compiler
(npm)
Sep 3, 2020
Malicious Package in requuest
Critical
GHSA-frxq-v7fm-m4pv
was published
for
requuest
(npm)
Sep 2, 2020
Malicious Package in reuest
Critical
GHSA-r863-p739-275c
was published
for
reuest
(npm)
Sep 11, 2020
Malicious Package in experss
Critical
GHSA-mmph-wp49-r48h
was published
for
experss
(npm)
Sep 2, 2020
Malicious Package in requestt
Critical
GHSA-2563-83p7-f34p
was published
for
requestt
(npm)
Sep 2, 2020
ProTip!
Advisories are also available from the
GraphQL API