Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,804
Erlang
29
GitHub Actions
16
Go
1,713
Maven
4,948
npm
3,477
NuGet
605
pip
3,007
Pub
10
RubyGems
830
Rust
774
Swift
34
Unreviewed advisories
All unreviewed
5,000+

382 advisories

node-opensl is malware High
CVE-2017-16063 was published for node-opensl (npm) Oct 3, 2018
noderequest is malware High
CVE-2017-16073 was published for noderequest (npm) Sep 17, 2018
babelcli is malware High
CVE-2017-16060 was published for babelcli (npm) Aug 29, 2018
ffmepg is malware High
CVE-2017-16068 was published for ffmepg (npm) Aug 29, 2018
node-opencv is malware High
CVE-2017-16067 was published for node-opencv (npm) Aug 29, 2018
opencv.js is malware High
CVE-2017-16066 was published for opencv.js (npm) Aug 29, 2018
openssl.js is malware High
CVE-2017-16065 was published for openssl.js (npm) Aug 29, 2018
nodemailer.js is malware High
CVE-2017-16072 was published for nodemailer.js (npm) Aug 29, 2018
nodemailer-js is malware High
CVE-2017-16071 was published for nodemailer-js (npm) Aug 29, 2018
nodecaffe is malware High
CVE-2017-16070 was published for nodecaffe (npm) Aug 29, 2018
nodeffmpeg is malware High
CVE-2017-16069 was published for nodeffmpeg (npm) Aug 29, 2018
smb is malware High
CVE-2017-16079 was published for smb (npm) Aug 29, 2018
Hijacked Environment Variables in proxy.js Moderate
CVE-2017-16076 was published for proxy.js (npm) Aug 29, 2018
http-proxy.js is malware High
CVE-2017-16075 was published for http-proxy.js (npm) Aug 29, 2018
crossenv is malware High
CVE-2017-16074 was published for crossenv (npm) Aug 29, 2018
Shadowsock is malware Moderate
CVE-2017-16078 was published for shadowsock (npm) Aug 27, 2018
discordi.js is malware High
CVE-2017-16207 was published for discordi.js (npm) Aug 6, 2018
jquey is malware Moderate
CVE-2017-16204 was published for jquey (npm) Aug 6, 2018
coffescript is malware High
CVE-2017-16205 was published for coffescript (npm) Aug 6, 2018
coffe-script is malware High
CVE-2017-16203 was published for coffe-script (npm) Aug 6, 2018
cofeescript is malware Moderate
CVE-2017-16202 was published for cofeescript (npm) Aug 6, 2018
d3.js is malware High
CVE-2017-16044 was published for d3.js (npm) Jul 23, 2018
node-sqlite is malware High
CVE-2017-16048 was published for node-sqlite (npm) Jul 23, 2018
jquery.js is malware High
CVE-2017-16045 was published for jquery.js (npm) Jul 23, 2018
7h3Rabbit
sqlite.js is malware Moderate
CVE-2017-16050 was published for sqlite.js (npm) Jul 23, 2018
ProTip! Advisories are also available from the GraphQL API