GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
950 advisories
Filter by severity
Path Traversal in swagger-injector
Critical
GHSA-v4x8-gw49-7hv4
was published
for
swagger-injector
(npm)
Sep 3, 2020
Path Traversal in @wturyn/swagger-injector
Critical
GHSA-4x7w-frcq-v4m3
was published
for
@wturyn/swagger-injector
(npm)
Sep 3, 2020
Malicious Package in body-parse-xml
Critical
GHSA-jcmh-9fvm-j39w
was published
for
body-parse-xml
(npm)
Sep 3, 2020
Malicious Package in discord.js-user
Critical
GHSA-69r6-7h4f-9p7q
was published
for
discord.js-user
(npm)
Sep 3, 2020
Malicious Package in require-port
Critical
GHSA-rrvm-gqq8-q2wx
was published
for
require-port
(npm)
Sep 3, 2020
Malicious Package in bubfer-xor
Critical
GHSA-vm67-mh96-95mq
was published
for
bubfer-xor
(npm)
Sep 3, 2020
Malicious Package in budfer-xor
Critical
GHSA-6584-gfwm-3vc3
was published
for
budfer-xor
(npm)
Sep 3, 2020
Malicious Package in buffer-xo2
Critical
GHSA-f72h-wf57-7xwh
was published
for
buffer-xo2
(npm)
Sep 3, 2020
Malicious Package in buffar-xor
Critical
GHSA-f64g-whxf-w8f2
was published
for
buffar-xor
(npm)
Sep 3, 2020
Malicious Package in buffer-xos
Critical
GHSA-h2j3-gg8w-4858
was published
for
buffer-xos
(npm)
Sep 3, 2020
Malicious Package in yeoman-genrator
Critical
GHSA-f7g4-fm4c-54m9
was published
for
yeoman-genrator
(npm)
Sep 3, 2020
Malicious Package in buffer-hor
Critical
GHSA-wh87-3959-vfrq
was published
for
buffer-hor
(npm)
Sep 3, 2020
Malicious Package in buffer-xmr
Critical
GHSA-5327-gfq5-8f4m
was published
for
buffer-xmr
(npm)
Sep 3, 2020
Malicious Package in buffer-xop
Critical
GHSA-jqjg-v355-hr9q
was published
for
buffer-xop
(npm)
Sep 3, 2020
Malicious Package in cuffer-xor
Critical
GHSA-6xm4-p6r2-mwrc
was published
for
cuffer-xor
(npm)
Sep 3, 2020
Malicious Package in js-she3
Critical
GHSA-f8jj-45fj-44r6
was published
for
js-she3
(npm)
Sep 3, 2020
Malicious Package in js-shas
Critical
GHSA-5wq6-v5cw-jvfr
was published
for
js-shas
(npm)
Sep 3, 2020
Malicious Package in sj-tw-abc
Critical
GHSA-4hfc-fv33-ph9p
was published
for
sj-tw-abc
(npm)
Sep 3, 2020
Malicious Package in ns-sha3
Critical
GHSA-j67m-jg9p-ppg4
was published
for
ns-sha3
(npm)
Sep 3, 2020
Malicious Package in ruffer-xor
Critical
GHSA-2mxc-m4c3-wqhq
was published
for
ruffer-xor
(npm)
Sep 3, 2020
Malicious Package in js-3ha3
Critical
GHSA-52c9-458g-whrf
was published
for
js-3ha3
(npm)
Sep 3, 2020
ProTip!
Advisories are also available from the
GraphQL API