Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Malicious Package in bqffer-xor Critical
GHSA-pxqp-mv67-g528 was published for bqffer-xor (npm) Sep 3, 2020
Malicious Package in bufber-xor Critical
GHSA-p9g3-vpvp-hcj5 was published for bufber-xor (npm) Sep 3, 2020
Malicious Package in buffer-xkr Critical
GHSA-rw53-q8x7-ccx8 was published for buffer-xkr (npm) Sep 3, 2020
Malicious Package in buffer-xoz Critical
GHSA-j6x7-42x2-hpcf was published for buffer-xoz (npm) Sep 3, 2020
Malicious Package in bufder-xor Critical
GHSA-w9q5-mvc6-5cw3 was published for bufder-xor (npm) Sep 3, 2020
Malicious Package in buffe2-xor Critical
GHSA-3f97-rj68-2pjf was published for buffe2-xor (npm) Sep 3, 2020
Malicious Package in buffdr-xor Critical
GHSA-8549-p68h-m9mc was published for buffdr-xor (npm) Sep 3, 2020
Malicious Package in buffer-8or Critical
GHSA-4hm7-73ch-vm59 was published for buffer-8or (npm) Sep 3, 2020
Malicious Package in import-mysql Critical
GHSA-whjr-jj69-7prm was published for import-mysql (npm) Sep 3, 2020
Malicious Package in k0a_multer Critical
GHSA-v95x-h953-x7fg was published for k0a_multer (npm) Sep 3, 2020
Malicious Package in mogodb Critical
GHSA-w3pp-wp5v-fjvp was published for mogodb (npm) Sep 3, 2020
Malicious Package in node-spdy Critical
GHSA-wfjh-3hq2-r276 was published for node-spdy (npm) Sep 3, 2020
Malicious Package in serilize Critical
GHSA-fw76-p9p2-6pvf was published for serilize (npm) Sep 3, 2020
Malicious Package in pizza-pasta Critical
GHSA-wxrm-2h86-v95f was published for pizza-pasta (npm) Sep 3, 2020
Malicious Package in node-ftp Critical
GHSA-5jgp-pg4f-q8vj was published for node-ftp (npm) Sep 3, 2020
Malicious Package in log-symboles Critical
GHSA-h232-fpqx-mqgr was published for log-symboles (npm) Sep 3, 2020
Malicious Package in retcodelog Critical
GHSA-j8hw-49gg-vq3w was published for retcodelog (npm) Sep 3, 2020
Malicious Package in rate-map Critical
GHSA-x48m-gp6r-gp4v was published for rate-map (npm) Sep 3, 2020
Malicious Package in luna-mock Critical
GHSA-qm4q-f956-fg64 was published for luna-mock (npm) Sep 3, 2020
Malicious Package in bictore-lib Critical
GHSA-f8vf-6hwg-hw55 was published for bictore-lib (npm) Sep 4, 2020
Malicious Package in bip30 Critical
GHSA-wch2-46wj-6x5j was published for bip30 (npm) Sep 4, 2020
Malicious Package in ecruve Critical
GHSA-fpf2-pr3j-4cm3 was published for ecruve (npm) Sep 3, 2020
Malicious Package in hdkye Critical
GHSA-8pwx-j4r6-5v38 was published for hdkye (npm) Sep 3, 2020
Malicious Package in rceat Critical
GHSA-7w7c-867m-4mqc was published for rceat (npm) Sep 3, 2020
Malicious Package in path-to-regxep Critical
GHSA-f7gc-6hcj-wc42 was published for path-to-regxep (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API