GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
962 advisories
Filter by severity
Malicious Package in reuest
Critical
GHSA-r863-p739-275c
was published
for
reuest
(npm)
Sep 11, 2020
Malicious Package in js-base64-int
Critical
GHSA-76qf-6mvw-c5hm
was published
for
js-base64-int
(npm)
Sep 3, 2020
Malicious Package in evil-package
Critical
GHSA-p62r-jf56-h429
was published
for
evil-package
(npm)
Sep 3, 2020
Malicious Package in mogodb-core
Critical
GHSA-g4m3-rpxr-h7vg
was published
for
mogodb-core
(npm)
Sep 3, 2020
Malicious Package in js-regular
Critical
GHSA-qcc9-q247-3m2m
was published
for
js-regular
(npm)
Sep 3, 2020
Malicious Package in discord.js-user
Critical
GHSA-69r6-7h4f-9p7q
was published
for
discord.js-user
(npm)
Sep 3, 2020
Malicious Package in sparkies
Critical
GHSA-c4fm-46gm-4469
was published
for
sparkies
(npm)
Sep 3, 2020
Malicious Package in serializes
Critical
GHSA-j899-348x-h3rq
was published
for
serializes
(npm)
Sep 3, 2020
Malicious Package in body-parse-xml
Critical
GHSA-jcmh-9fvm-j39w
was published
for
body-parse-xml
(npm)
Sep 3, 2020
Malicious Package in koa-body-parse
Critical
GHSA-wqgq-mfvj-6qxp
was published
for
koa-body-parse
(npm)
Sep 3, 2020
Path Traversal in swagger-injector
Critical
GHSA-v4x8-gw49-7hv4
was published
for
swagger-injector
(npm)
Sep 3, 2020
Path Traversal in @wturyn/swagger-injector
Critical
GHSA-4x7w-frcq-v4m3
was published
for
@wturyn/swagger-injector
(npm)
Sep 3, 2020
Malicious Package in browserift
Critical
GHSA-43vf-2x6g-p2m5
was published
for
browserift
(npm)
Sep 2, 2020
Malicious Package in colro-name
Critical
GHSA-jp9g-5x75-ccp8
was published
for
colro-name
(npm)
Sep 2, 2020
ProTip!
Advisories are also available from the
GraphQL API