Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

38 advisories

Loading
Withdrawn Advisory: mariadb was malware High
CVE-2017-16046 was published for mariadb (npm) Jul 18, 2018 withdrawn
nodefabric is malware High
CVE-2017-16054 was published for nodefabric (npm) Jul 23, 2018
sqliter is malware High
CVE-2017-16051 was published for sqliter (npm) Jul 23, 2018
node-fabric is malware High
CVE-2017-16052 was published for node-fabric (npm) Jul 23, 2018
fabric-js is malware High
CVE-2017-16053 was published for fabric-js (npm) Jul 23, 2018
nodesqlite is malware High
CVE-2017-16049 was published for nodesqlite (npm) Jul 23, 2018
jquery.js is malware High
CVE-2017-16045 was published for jquery.js (npm) Jul 23, 2018
7h3Rabbit
node-sqlite is malware High
CVE-2017-16048 was published for node-sqlite (npm) Jul 23, 2018
d3.js is malware High
CVE-2017-16044 was published for d3.js (npm) Jul 23, 2018
coffe-script is malware High
CVE-2017-16203 was published for coffe-script (npm) Aug 6, 2018
coffescript is malware High
CVE-2017-16205 was published for coffescript (npm) Aug 6, 2018
discordi.js is malware High
CVE-2017-16207 was published for discordi.js (npm) Aug 6, 2018
crossenv is malware High
CVE-2017-16074 was published for crossenv (npm) Aug 29, 2018
http-proxy.js is malware High
CVE-2017-16075 was published for http-proxy.js (npm) Aug 29, 2018
smb is malware High
CVE-2017-16079 was published for smb (npm) Aug 29, 2018
nodeffmpeg is malware High
CVE-2017-16069 was published for nodeffmpeg (npm) Aug 29, 2018
nodecaffe is malware High
CVE-2017-16070 was published for nodecaffe (npm) Aug 29, 2018
nodemailer-js is malware High
CVE-2017-16071 was published for nodemailer-js (npm) Aug 29, 2018
nodemailer.js is malware High
CVE-2017-16072 was published for nodemailer.js (npm) Aug 29, 2018
openssl.js is malware High
CVE-2017-16065 was published for openssl.js (npm) Aug 29, 2018
opencv.js is malware High
CVE-2017-16066 was published for opencv.js (npm) Aug 29, 2018
node-opencv is malware High
CVE-2017-16067 was published for node-opencv (npm) Aug 29, 2018
ffmepg is malware High
CVE-2017-16068 was published for ffmepg (npm) Aug 29, 2018
babelcli is malware High
CVE-2017-16060 was published for babelcli (npm) Aug 29, 2018
noderequest is malware High
CVE-2017-16073 was published for noderequest (npm) Sep 17, 2018
ProTip! Advisories are also available from the GraphQL API