GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License

Language support

About GitHub Advisory Database

350 advisories

Critical

CVE-2019-10780 was published for bibtex-ruby (RubyGems) Feb 14, 2020

Critical

CVE-2019-10777 was published for aws-lambda (npm) Feb 14, 2020

Critical

CVE-2019-10776 was published for git-diff-apply (npm) Feb 14, 2020

Critical

CVE-2019-10758 was published for mongo-express (npm) Dec 30, 2019

Critical

CVE-2019-5485 was published for gitlabhook (npm) Sep 16, 2019

High

CVE-2019-5475 was published for org.sonatype.nexus.plugins:nexus-yum-repository-plugin (Maven) Sep 11, 2019

Critical

CVE-2019-5477 was published for nokogiri (RubyGems) Aug 19, 2019

High

CVE-2019-13574 was published for mini_magick (RubyGems) Jul 18, 2019

Critical

CVE-2013-7285 was published for com.thoughtworks.xstream:xstream (Maven) May 29, 2019

High

CVE-2019-0232 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Apr 18, 2019

Critical

CVE-2016-10541 was published for shell-quote (npm) Feb 18, 2019

High

CVE-2018-6342 was published for react-dev-utils (npm) Jan 4, 2019

High

CVE-2018-19907 was published for org.craftercms:crafter-studio (Maven) Dec 19, 2018

High

CVE-2018-14572 was published for conference-scheduler-cli (pip) Oct 29, 2018

Critical

CVE-2018-16460 was published for ps (npm) Sep 17, 2018

Critical

CVE-2018-3786 was published for egg-scripts (npm) Sep 17, 2018

Critical

CVE-2018-13797 was published for macaddress (npm) Sep 6, 2018

Critical

CVE-2018-3785 was published for git-dummy-commit (npm) Aug 21, 2018

Critical

CVE-2017-16042 was published for growl (npm) Jun 8, 2018

Critical

CVE-2018-3746 was published for pdfinfojs (npm) Jun 7, 2018

High

CVE-2018-1000118 was published for electron (npm) Mar 26, 2018

High

CVE-2018-1000006 was published for electron (npm) Jan 23, 2018

Moderate

CVE-2013-4457 was published for cocaine (RubyGems) Oct 24, 2017

Critical

CVE-2013-2090 was published for cremefraiche (RubyGems) Oct 24, 2017

Critical

CVE-2013-1947 was published for kelredd-pruview (RubyGems) Oct 24, 2017

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

350 advisories