Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

950 advisories

Loading
Path Traversal in swagger-injector Critical
GHSA-v4x8-gw49-7hv4 was published for swagger-injector (npm) Sep 3, 2020
Path Traversal in @wturyn/swagger-injector Critical
GHSA-4x7w-frcq-v4m3 was published for @wturyn/swagger-injector (npm) Sep 3, 2020
Malicious Package in axioss Critical
GHSA-8w9j-6wg6-qv4f was published for axioss (npm) Sep 3, 2020
Malicious Package in body-parse-xml Critical
GHSA-jcmh-9fvm-j39w was published for body-parse-xml (npm) Sep 3, 2020
Command Injection in marsdb Critical
GHSA-5mrr-rgp6-x4gr was published for marsdb (npm) Sep 3, 2020
Malicious Package in mogobd Critical
GHSA-jchg-g94r-64qg was published for mogobd (npm) Sep 3, 2020
Malicious Package in discord.js-user Critical
GHSA-69r6-7h4f-9p7q was published for discord.js-user (npm) Sep 3, 2020
Malicious Package in require-port Critical
GHSA-rrvm-gqq8-q2wx was published for require-port (npm) Sep 3, 2020
Malicious Package in bubfer-xor Critical
GHSA-vm67-mh96-95mq was published for bubfer-xor (npm) Sep 3, 2020
Malicious Package in budfer-xor Critical
GHSA-6584-gfwm-3vc3 was published for budfer-xor (npm) Sep 3, 2020
Malicious Package in buffer-xo2 Critical
GHSA-f72h-wf57-7xwh was published for buffer-xo2 (npm) Sep 3, 2020
Malicious Package in buffar-xor Critical
GHSA-f64g-whxf-w8f2 was published for buffar-xor (npm) Sep 3, 2020
Malicious Package in buffer-xos Critical
GHSA-h2j3-gg8w-4858 was published for buffer-xos (npm) Sep 3, 2020
Malicious Package in bmap Critical
GHSA-p59g-6cqr-m73w was published for bmap (npm) Sep 3, 2020
Malicious Package in yeoman-genrator Critical
GHSA-f7g4-fm4c-54m9 was published for yeoman-genrator (npm) Sep 3, 2020
Malicious Package in buffer-hor Critical
GHSA-wh87-3959-vfrq was published for buffer-hor (npm) Sep 3, 2020
Malicious Package in buffer-xmr Critical
GHSA-5327-gfq5-8f4m was published for buffer-xmr (npm) Sep 3, 2020
Malicious Package in buffer-xop Critical
GHSA-jqjg-v355-hr9q was published for buffer-xop (npm) Sep 3, 2020
Malicious Package in cuffer-xor Critical
GHSA-6xm4-p6r2-mwrc was published for cuffer-xor (npm) Sep 3, 2020
Malicious Package in js-she3 Critical
GHSA-f8jj-45fj-44r6 was published for js-she3 (npm) Sep 3, 2020
Malicious Package in js-shas Critical
GHSA-5wq6-v5cw-jvfr was published for js-shas (npm) Sep 3, 2020
Malicious Package in sj-tw-abc Critical
GHSA-4hfc-fv33-ph9p was published for sj-tw-abc (npm) Sep 3, 2020
Malicious Package in ns-sha3 Critical
GHSA-j67m-jg9p-ppg4 was published for ns-sha3 (npm) Sep 3, 2020
Malicious Package in ruffer-xor Critical
GHSA-2mxc-m4c3-wqhq was published for ruffer-xor (npm) Sep 3, 2020
Malicious Package in js-3ha3 Critical
GHSA-52c9-458g-whrf was published for js-3ha3 (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API