Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

378 advisories

Loading
Malicious Package in js-shc3 Critical
GHSA-69mf-2cw2-38m8 was published for js-shc3 (npm) Sep 3, 2020
Malicious Package in js-shas Critical
GHSA-5wq6-v5cw-jvfr was published for js-shas (npm) Sep 3, 2020
Malicious Package in js-sha7 Critical
GHSA-hvgc-mggg-pxr2 was published for js-sha7 (npm) Sep 3, 2020
Malicious Package in js-rha3 Critical
GHSA-95cg-3r4g-7w6j was published for js-rha3 (npm) Sep 3, 2020
Malicious Package in js-qha3 Critical
GHSA-vf5m-q45w-8mh9 was published for js-qha3 (npm) Sep 3, 2020
Malicious Package in js-cha3 Critical
GHSA-7xf9-74cp-8hx3 was published for js-cha3 (npm) Sep 3, 2020
Malicious Package in js-3ha3 Critical
GHSA-52c9-458g-whrf was published for js-3ha3 (npm) Sep 3, 2020
Malicious Package in jr-sha3 Critical
GHSA-67mp-pcv9-vvq6 was published for jr-sha3 (npm) Sep 3, 2020
Malicious Package in jq-sha3 Critical
GHSA-x8m7-cv39-xmg9 was published for jq-sha3 (npm) Sep 3, 2020
Malicious Package in jc-sha3 Critical
GHSA-gfj6-p24g-6hpm was published for jc-sha3 (npm) Sep 3, 2020
Malicious Package in j3-sha3 Critical
GHSA-p3jx-g34v-q56j was published for j3-sha3 (npm) Sep 3, 2020
Malicious Package in hs-sha3 Critical
GHSA-6mrq-7r7m-hh4p was published for hs-sha3 (npm) Sep 3, 2020
Malicious Package in bs-sha3 Critical
GHSA-88xx-23mf-rcj2 was published for bs-sha3 (npm) Sep 3, 2020
Malicious Package in ruffer-xor Critical
GHSA-2mxc-m4c3-wqhq was published for ruffer-xor (npm) Sep 3, 2020
Malicious Package in juffer-xor Critical
GHSA-gqq4-937c-2282 was published for juffer-xor (npm) Sep 3, 2020
Malicious Package in fuffer-xor Critical
GHSA-c2g6-57fp-22wp was published for fuffer-xor (npm) Sep 3, 2020
Malicious Package in cuffer-xor Critical
GHSA-6xm4-p6r2-mwrc was published for cuffer-xor (npm) Sep 3, 2020
Malicious Package in bwffer-xor Critical
GHSA-7qg7-6g3g-8vxg was published for bwffer-xor (npm) Sep 3, 2020
Malicious Package in buvfer-xor Critical
GHSA-wjpj-gmc3-5w56 was published for buvfer-xor (npm) Sep 3, 2020
Malicious Package in bugfer-xor Critical
GHSA-8g64-9cm2-838j was published for bugfer-xor (npm) Sep 3, 2020
Malicious Package in bunfer-xor Critical
GHSA-6f93-xj8r-jp82 was published for bunfer-xor (npm) Sep 3, 2020
Malicious Package in bufner-xor Critical
GHSA-7xf6-cpxm-5mx9 was published for bufner-xor (npm) Sep 3, 2020
Malicious Package in bufver-xor Critical
GHSA-cr4x-w2v7-4mmf was published for bufver-xor (npm) Sep 3, 2020
Malicious Package in bufger-xor Critical
GHSA-2w8q-69fh-9gq6 was published for bufger-xor (npm) Sep 3, 2020
Malicious Package in buffur-xor Critical
GHSA-p7qp-3fh7-pv4p was published for buffur-xor (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API