Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

382 advisories

Loading
Malicious Package in asinc Critical
GHSA-87qw-7v97-w34r was published for asinc (npm) Sep 2, 2020
Malicious Package in wepack-cli Critical
GHSA-fpw3-x4xq-6vxq was published for wepack-cli (npm) Sep 2, 2020
Malicious Package in jajajejejiji Critical
GHSA-rggq-f2wf-m6cp was published for jajajejejiji (npm) Sep 2, 2020
Malicious Package in 4equest Critical
GHSA-p33q-w45h-2hcj was published for 4equest (npm) Sep 2, 2020
Malicious Package in portionfatty12 Critical
GHSA-p8fm-w787-x6x3 was published for portionfatty12 (npm) Sep 2, 2020
Malicious Package in rrgod Critical
GHSA-277p-xwpp-3jf7 was published for rrgod (npm) Sep 2, 2020
Malicious Package in commander-js Critical
GHSA-2hqf-qqmq-pgpp was published for commander-js (npm) Sep 2, 2020
Entropy Backdoor in text-qrcode High
GHSA-h5vj-f7r9-w564 was published for text-qrcode (npm) Sep 1, 2020
Malicious Package in flatmap-stream Critical
GHSA-9x64-5r7x-2q53 was published for flatmap-stream (npm) Sep 1, 2020
Malicious Package in foever Critical
GHSA-j3qq-qvc8-c6g7 was published for foever (npm) Sep 1, 2020
Malicious Package in soket.js Critical
GHSA-x6gq-467r-hwcc was published for soket.js (npm) Sep 1, 2020
Malicious Package in soket.io Critical
GHSA-wp2p-q35g-3rjj was published for soket.io (npm) Sep 1, 2020
Malicious Package in regenraotr Critical
GHSA-5x7p-gm79-383m was published for regenraotr (npm) Sep 1, 2020
Malicious Package in regenrator Critical
GHSA-m5p4-7wf9-6w99 was published for regenrator (npm) Sep 1, 2020
Malicious Package in axois Critical
GHSA-wpfc-3w63-g4hm was published for axois (npm) Sep 1, 2020
Malicious Package in boogeyman Critical
GHSA-9hc2-w9gg-q6jw was published for boogeyman (npm) Sep 1, 2020
Malicious Package in eslint-config-airbnb-standard Critical
GHSA-m852-866j-69j8 was published for eslint-config-airbnb-standard (npm) Sep 1, 2020
Malicious Package in ladder-text-js Critical
GHSA-33gc-f8v9-v8hm was published for ladder-text-js (npm) Sep 1, 2020
Malicious Package in nothing-js Critical
GHSA-353r-3v84-9pjj was published for nothing-js (npm) Sep 1, 2020
Malicious Package in getcookies Critical
GHSA-3cjv-4phw-gvvv was published for getcookies (npm) Sep 1, 2020
Malicious Package in nginxbeautifier Critical
GHSA-28xx-8j99-m32j was published for nginxbeautifier (npm) Sep 1, 2020
Malicious Package in json-serializer Critical
GHSA-7xfq-xh6v-4mrm was published for json-serializer (npm) Sep 1, 2020
Malicious Package in freshdom Critical
GHSA-8qm2-24qc-c4qg was published for freshdom (npm) Sep 1, 2020
Malicious Package in impala Critical
GHSA-92px-q4w8-hrr5 was published for impala (npm) Sep 1, 2020
Malicious Package in dossier Critical
GHSA-c8h6-89q2-mgv8 was published for dossier (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database