GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,017
Erlang
29
GitHub Actions
16
Go
1,828
Maven
5,000+
npm
3,573
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,986 advisories
Filter by severity
Malicious Package in reuest
Critical
GHSA-r863-p739-275c
was published
for
reuest
(npm)
Sep 11, 2020
Malicious Package in hsf-clients
Critical
GHSA-g5q2-fcg9-j526
was published
for
hsf-clients
(npm)
Sep 3, 2020
Malicious Package in qingting
Critical
GHSA-559q-92vx-xvjp
was published
for
qingting
(npm)
Sep 3, 2020
Malicious Package in maybemaliciouspackage
Critical
GHSA-m9r7-q9fc-qwx5
was published
for
maybemaliciouspackage
(npm)
Sep 3, 2020
Malicious Package in node-buc
Critical
GHSA-x3m6-rprw-862w
was published
for
node-buc
(npm)
Sep 3, 2020
Malicious Package in load-from-cwd-or-npm
Critical
GHSA-jxf5-7x3j-8j9m
was published
for
load-from-cwd-or-npm
(npm)
Sep 3, 2020
SQL Injection in Kylin
Critical
CVE-2020-13926
was published
for
org.apache.kylin:kylin-server-base
(Maven)
Jul 27, 2020
Malicious Package in reequest
Critical
GHSA-rw4r-h883-8pf9
was published
for
reequest
(npm)
Sep 2, 2020
Malicious Package in experss
Critical
GHSA-mmph-wp49-r48h
was published
for
experss
(npm)
Sep 2, 2020
Malicious Package in requestt
Critical
GHSA-2563-83p7-f34p
was published
for
requestt
(npm)
Sep 2, 2020
Malicious Package in requuest
Critical
GHSA-frxq-v7fm-m4pv
was published
for
requuest
(npm)
Sep 2, 2020
Malicious Package in reqquest
Critical
GHSA-4jfq-q299-g4cr
was published
for
reqquest
(npm)
Sep 2, 2020
Malicious Package in rrequest
Critical
GHSA-wc7q-qpm4-8pqv
was published
for
rrequest
(npm)
Sep 2, 2020
Malicious Package in appx-compiler
Critical
GHSA-8q2c-2396-hf7j
was published
for
appx-compiler
(npm)
Sep 3, 2020
ProTip!
Advisories are also available from the
GraphQL API