GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,438 advisories
Filter by severity
Downloads Resources over HTTP in nodewebkit
High
CVE-2016-10580
was published
for
nodewebkit
(npm)
Feb 18, 2019
Downloads Resources over HTTP in openframe-image
High
CVE-2016-10616
was published
for
openframe-image
(npm)
Feb 18, 2019
Downloads Resources over HTTP in product-monitor
High
CVE-2016-10567
was published
for
product-monitor
(npm)
Feb 18, 2019
Downloads Resources over HTTP in redis-srvr
High
CVE-2016-10639
was published
for
redis-srvr
(npm)
Feb 18, 2019
ReDoS via long UserAgent header in ua-parser
High
CVE-2017-16086
was published
for
ua-parser
(npm)
Jul 24, 2018
Downloads Resources over HTTP in jvminstall
High
CVE-2016-10631
was published
for
jvminstall
(npm)
Feb 18, 2019
Downloads Resources over HTTP in unicode
High
CVE-2016-10578
was published
for
unicode
(npm)
Feb 18, 2019
Potential Command Injection in codem-transcode
High
CVE-2013-7377
was published
for
codem-transcode
(npm)
Nov 28, 2017
Downloads Resources over HTTP in wasdk
High
CVE-2016-10587
was published
for
wasdk
(npm)
Feb 18, 2019
Downloads Resources over HTTP in jstestdriver
High
CVE-2016-10643
was published
for
jstestdriver
(npm)
Aug 15, 2018
Downloads Resources over HTTP in native-opencv
High
CVE-2016-10658
was published
for
native-opencv
(npm)
Feb 18, 2019
Downloads Resources over HTTP in imageoptim
High
CVE-2016-10596
was published
for
imageoptim
(npm)
Feb 18, 2019
Downloads Resources over HTTP in windows-iedriver
High
CVE-2016-10689
was published
for
windows-iedriver
(npm)
Feb 18, 2019
Cross-Site Request Forgery (CSRF) in keystone
High
CVE-2017-16570
was published
for
keystone
(npm)
Nov 30, 2017
Regular Expression Denial of Service in parsejson
High
CVE-2017-16113
was published
for
parsejson
(npm)
Jul 24, 2018
Downloads Resources over HTTP in install-g-test
High
CVE-2016-10630
was published
for
install-g-test
(npm)
Feb 18, 2019
Downloads Resources over HTTP in limbus-buildgen
High
CVE-2016-10674
was published
for
limbus-buildgen
(npm)
Feb 18, 2019
Downloads Resources over HTTP in phantomjs-cheniu
High
CVE-2016-10661
was published
for
phantomjs-cheniu
(npm)
Feb 18, 2019
ProTip!
Advisories are also available from the
GraphQL API