Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

157 advisories

Loading
Missing Encryption of Sensitive Data in yarn High
CVE-2019-5448 was published for yarn (npm) Jul 31, 2019
Downloads Resources over HTTP in chromedriver High
CVE-2016-10579 was published for chromedriver (npm) Feb 18, 2019
closure-util downloads Resources over HTTP High
CVE-2016-10583 was published for closure-util (npm) Feb 18, 2019
Downloads Resources over HTTP in broccoli-closure High
CVE-2016-10635 was published for broccoli-closure (npm) Feb 18, 2019
dwebp-bin downloads Resources over HTTP High
CVE-2016-10633 was published for dwebp-bin (npm) Feb 18, 2019
Downloads Resources over HTTP in jvminstall High
CVE-2016-10631 was published for jvminstall (npm) Feb 18, 2019
nw-with-arm downloads Resources over HTTP High
CVE-2016-10629 was published for nw-with-arm (npm) Feb 18, 2019
Downloads Resources over HTTP in scala-bin High
CVE-2016-10627 was published for scala-bin (npm) Feb 18, 2019
headless-browser-lite downloads Resources over HTTP High
CVE-2016-10625 was published for headless-browser-lite (npm) Feb 18, 2019
Downloads Resources over HTTP in macaca-chromedriver-zxa High
CVE-2016-10623 was published for macaca-chromedriver-zxa (npm) Feb 18, 2019
Downloads Resources over HTTP in fibjs High
CVE-2016-10621 was published for fibjs (npm) Feb 18, 2019
Downloads Resources over HTTP in atom-node-module-installer High
CVE-2016-10620 was published for atom-node-module-installer (npm) Feb 18, 2019
Downloads Resources over HTTP in pennyworth High
CVE-2016-10619 was published for pennyworth (npm) Feb 18, 2019
node-browser downloads Resources over HTTP High
CVE-2016-10618 was published for node-browser (npm) Feb 18, 2019
Downloads Resources over HTTP in box2d-native High
CVE-2016-10617 was published for box2d-native (npm) Feb 18, 2019
Downloads Resources over HTTP in curses High
CVE-2016-10615 was published for curses (npm) Feb 18, 2019
Downloads Resources over HTTP in bionode-sra High
CVE-2016-10613 was published for bionode-sra (npm) Feb 18, 2019
poco downloads Resources over HTTP High
CVE-2016-10659 was published for poco (npm) Feb 18, 2019
Downloads Resources over HTTP in tomita-parser High
CVE-2016-10666 was published for tomita-parser (npm) Feb 18, 2019
Downloads Resources over HTTP in selenium-standalone-painful High
CVE-2016-10679 was published for selenium-standalone-painful (npm) Feb 18, 2019
Downloads Resources over HTTP in massif High
CVE-2016-10682 was published for massif (npm) Feb 18, 2019
Downloads Resources over HTTP in aerospike High
CVE-2016-10558 was published for aerospike (npm) Feb 18, 2019
Downloads Resources over HTTP in galenframework-cli High
CVE-2016-10560 was published for galenframework-cli (npm) Feb 18, 2019
Downloads Resources over HTTP in iedriver High
CVE-2016-10562 was published for iedriver (npm) Feb 18, 2019
Downloads Resources over HTTP in go-ipfs-dep High
CVE-2016-10563 was published for go-ipfs-dep (npm) Feb 18, 2019
ProTip! Advisories are also available from the GraphQL API