Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

378 advisories

Loading
Malicious Package in portionfatty12 Critical
GHSA-p8fm-w787-x6x3 was published for portionfatty12 (npm) Sep 2, 2020
Malicious Package in rrgod Critical
GHSA-277p-xwpp-3jf7 was published for rrgod (npm) Sep 2, 2020
Malicious Package in commander-js Critical
GHSA-2hqf-qqmq-pgpp was published for commander-js (npm) Sep 2, 2020
Entropy Backdoor in text-qrcode High
GHSA-h5vj-f7r9-w564 was published for text-qrcode (npm) Sep 1, 2020
Malicious Package in flatmap-stream Critical
GHSA-9x64-5r7x-2q53 was published for flatmap-stream (npm) Sep 1, 2020
Malicious Package in foever Critical
GHSA-j3qq-qvc8-c6g7 was published for foever (npm) Sep 1, 2020
Malicious Package in soket.js Critical
GHSA-x6gq-467r-hwcc was published for soket.js (npm) Sep 1, 2020
Malicious Package in soket.io Critical
GHSA-wp2p-q35g-3rjj was published for soket.io (npm) Sep 1, 2020
Malicious Package in regenraotr Critical
GHSA-5x7p-gm79-383m was published for regenraotr (npm) Sep 1, 2020
Malicious Package in regenrator Critical
GHSA-m5p4-7wf9-6w99 was published for regenrator (npm) Sep 1, 2020
Malicious Package in axois Critical
GHSA-wpfc-3w63-g4hm was published for axois (npm) Sep 1, 2020
Malicious Package in boogeyman Critical
GHSA-9hc2-w9gg-q6jw was published for boogeyman (npm) Sep 1, 2020
Malicious Package in eslint-config-airbnb-standard Critical
GHSA-m852-866j-69j8 was published for eslint-config-airbnb-standard (npm) Sep 1, 2020
Malicious Package in ladder-text-js Critical
GHSA-33gc-f8v9-v8hm was published for ladder-text-js (npm) Sep 1, 2020
Malicious Package in nothing-js Critical
GHSA-353r-3v84-9pjj was published for nothing-js (npm) Sep 1, 2020
Malicious Package in getcookies Critical
GHSA-3cjv-4phw-gvvv was published for getcookies (npm) Sep 1, 2020
Malicious Package in nginxbeautifier Critical
GHSA-28xx-8j99-m32j was published for nginxbeautifier (npm) Sep 1, 2020
Malicious Package in json-serializer Critical
GHSA-7xfq-xh6v-4mrm was published for json-serializer (npm) Sep 1, 2020
Malicious Package in freshdom Critical
GHSA-8qm2-24qc-c4qg was published for freshdom (npm) Sep 1, 2020
Malicious Package in impala Critical
GHSA-92px-q4w8-hrr5 was published for impala (npm) Sep 1, 2020
Malicious Package in dossier Critical
GHSA-c8h6-89q2-mgv8 was published for dossier (npm) Sep 1, 2020
Malicious Package in dynamo-schema Critical
GHSA-vp8g-53fw-r9f2 was published for dynamo-schema (npm) Sep 1, 2020
Malicious Package in cordova-plugin-china-picker Critical
GHSA-x9gm-qxhh-rf75 was published for cordova-plugin-china-picker (npm) Sep 1, 2020
Malicious Package in codify Critical
GHSA-2q6w-rxf3-4wc9 was published for codify (npm) Sep 1, 2020
Malicious Package in blingjs Critical
GHSA-hfc6-79wv-5hpw was published for blingjs (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API