GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
378 advisories
Filter by severity
Withdrawn Advisory: mariadb was malware
High
CVE-2017-16046
was published
for
mariadb
(npm)
Jul 18, 2018
•
withdrawn
Malicious Package in beffer-xor
Critical
GHSA-7cvf-p83w-48q6
was published
for
beffer-xor
(npm)
Sep 3, 2020
Malicious Package in another-date-range-picker
Critical
GHSA-8rxg-9g6f-vq9p
was published
for
another-date-range-picker
(npm)
Sep 1, 2020
Malicious Package in @impala/bmap
Critical
GHSA-c82c-8pjw-6829
was published
for
@impala/bmap
(npm)
Sep 1, 2020
Malicious Package in another-date-picker
Critical
GHSA-2p62-c4rm-mr72
was published
for
another-date-picker
(npm)
Sep 1, 2020
npm-script-demo is malware
Critical
CVE-2017-16128
was published
for
npm-script-demo
(npm)
Sep 1, 2020
ProTip!
Advisories are also available from the
GraphQL API