Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,071
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

950 advisories

Loading
Malicious Package in angular-material-sidenav-rnd Critical
GHSA-qmxf-fxq7-w59f was published for angular-material-sidenav-rnd (npm) Sep 1, 2020
Malicious Package in cordova-plugin-china-picker Critical
GHSA-x9gm-qxhh-rf75 was published for cordova-plugin-china-picker (npm) Sep 1, 2020
Malicious Package in axois Critical
GHSA-wpfc-3w63-g4hm was published for axois (npm) Sep 1, 2020
Malicious Package in soket.js Critical
GHSA-x6gq-467r-hwcc was published for soket.js (npm) Sep 1, 2020
Malicious Package in rrgod Critical
GHSA-277p-xwpp-3jf7 was published for rrgod (npm) Sep 2, 2020
Malicious Package in ali-contributor Critical
GHSA-h3m2-h22h-695r was published for ali-contributor (npm) Sep 3, 2020
Malicious Package in asyync Critical
GHSA-rm7c-x424-g2mw was published for asyync (npm) Sep 2, 2020
Malicious Package in hsf-clients Critical
GHSA-g5q2-fcg9-j526 was published for hsf-clients (npm) Sep 3, 2020
Malicious Package in midway-dataproxy Critical
GHSA-mq9h-cwc2-6j5r was published for midway-dataproxy (npm) Sep 3, 2020
Malicious Package in tiar Critical
GHSA-4hjg-w3ww-38c6 was published for tiar (npm) Sep 3, 2020
Malicious Package in asnyc Critical
GHSA-v99v-xgjx-7m7g was published for asnyc (npm) Sep 2, 2020
Malicious Package in momen Critical
GHSA-h5vm-jhq7-w647 was published for momen (npm) Sep 2, 2020
Malicious Package in reqquest Critical
GHSA-4jfq-q299-g4cr was published for reqquest (npm) Sep 2, 2020
Malicious Package in reequest Critical
GHSA-rw4r-h883-8pf9 was published for reequest (npm) Sep 2, 2020
Malicious Package in rrequest Critical
GHSA-wc7q-qpm4-8pqv was published for rrequest (npm) Sep 2, 2020
Malicious Package in asymc Critical
GHSA-x6ch-c6rv-f7wh was published for asymc (npm) Sep 2, 2020
Malicious Package in maybemaliciouspackage Critical
GHSA-m9r7-q9fc-qwx5 was published for maybemaliciouspackage (npm) Sep 3, 2020
Malicious Package in my-very-own-package Critical
GHSA-crr2-ph72-c52g was published for my-very-own-package (npm) Sep 3, 2020
Malicious Package in appx-compiler Critical
GHSA-8q2c-2396-hf7j was published for appx-compiler (npm) Sep 3, 2020
Malicious Package in cal_rd Critical
GHSA-226w-6hhj-69hp was published for cal_rd (npm) Sep 3, 2020
Malicious Package in requuest Critical
GHSA-frxq-v7fm-m4pv was published for requuest (npm) Sep 2, 2020
Malicious Package in reuest Critical
GHSA-r863-p739-275c was published for reuest (npm) Sep 11, 2020
Malicious Package in asycn Critical
GHSA-h26f-j4mv-84g7 was published for asycn (npm) Sep 2, 2020
Malicious Package in exprss Critical
GHSA-6qc7-jgq7-34rf was published for exprss (npm) Sep 2, 2020
Malicious Package in experss Critical
GHSA-mmph-wp49-r48h was published for experss (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API