GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
335 advisories
Filter by severity
Malicious Package in bs85check
Critical
GHSA-4hq8-v42x-9wx3
was published
for
bs85check
(npm)
Sep 4, 2020
Malicious Package in bs58chekc
Critical
GHSA-fwvq-x4j9-hr5f
was published
for
bs58chekc
(npm)
Sep 3, 2020
Malicious Package in path-to-regxep
Critical
GHSA-f7gc-6hcj-wc42
was published
for
path-to-regxep
(npm)
Sep 3, 2020
Malicious Package in siganle
Critical
GHSA-p5p2-rhc3-wmf3
was published
for
siganle
(npm)
Sep 3, 2020
Malicious Package in js-sla3
Critical
GHSA-h6m3-cx24-9626
was published
for
js-sla3
(npm)
Sep 3, 2020
Malicious Package in js-wha3
Critical
GHSA-785g-gx74-gr39
was published
for
js-wha3
(npm)
Sep 3, 2020
Malicious Package in js-sxa3
Critical
GHSA-jh67-3wqw-cvhr
was published
for
js-sxa3
(npm)
Sep 3, 2020
Malicious Package in owl-orchard-apple-sunshine
Critical
GHSA-h24p-2c3m-5qf4
was published
for
owl-orchard-apple-sunshine
(npm)
Sep 3, 2020
Malicious Package in jc-sha3
Critical
GHSA-gfj6-p24g-6hpm
was published
for
jc-sha3
(npm)
Sep 3, 2020
Malicious Package in js-rha3
Critical
GHSA-95cg-3r4g-7w6j
was published
for
js-rha3
(npm)
Sep 3, 2020
Malicious Package in js-sja3
Critical
GHSA-6343-m2qr-66gf
was published
for
js-sja3
(npm)
Sep 3, 2020
Malicious Package in bufver-xor
Critical
GHSA-cr4x-w2v7-4mmf
was published
for
bufver-xor
(npm)
Sep 3, 2020
Malicious Package in juffer-xor
Critical
GHSA-gqq4-937c-2282
was published
for
juffer-xor
(npm)
Sep 3, 2020
Malicious Package in jr-sha3
Critical
GHSA-67mp-pcv9-vvq6
was published
for
jr-sha3
(npm)
Sep 3, 2020
Malicious Package in buffur-xor
Critical
GHSA-p7qp-3fh7-pv4p
was published
for
buffur-xor
(npm)
Sep 3, 2020
Malicious Package in bufner-xor
Critical
GHSA-7xf6-cpxm-5mx9
was published
for
bufner-xor
(npm)
Sep 3, 2020
Malicious Package in bs-sha3
Critical
GHSA-88xx-23mf-rcj2
was published
for
bs-sha3
(npm)
Sep 3, 2020
Malicious Package in js-shq3
Critical
GHSA-766v-7gjx-55hf
was published
for
js-shq3
(npm)
Sep 3, 2020
Malicious Package in buffer-xov
Critical
GHSA-3h9m-9g3g-5wqx
was published
for
buffer-xov
(npm)
Sep 3, 2020
Malicious Package in buffgr-xor
Critical
GHSA-r9cj-xj33-4q42
was published
for
buffgr-xor
(npm)
Sep 3, 2020
Malicious Package in fuffer-xor
Critical
GHSA-c2g6-57fp-22wp
was published
for
fuffer-xor
(npm)
Sep 3, 2020
ProTip!
Advisories are also available from the
GraphQL API