Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

959 advisories

Loading
Malicious Package in angular-material-sidenav-rnd Critical
GHSA-qmxf-fxq7-w59f was published for angular-material-sidenav-rnd (npm) Sep 1, 2020
Malicious Package in another-date-picker Critical
GHSA-2p62-c4rm-mr72 was published for another-date-picker (npm) Sep 1, 2020
mprpic
Malicious Package in another-date-range-picker Critical
GHSA-8rxg-9g6f-vq9p was published for another-date-range-picker (npm) Sep 1, 2020
Malicious Package in awesome_react_utility Critical
GHSA-m25q-fwg4-9v2p was published for awesome_react_utility (npm) Sep 1, 2020
Malicious Package in blingjs Critical
GHSA-hfc6-79wv-5hpw was published for blingjs (npm) Sep 1, 2020
Malicious Package in codify Critical
GHSA-2q6w-rxf3-4wc9 was published for codify (npm) Sep 1, 2020
Malicious Package in coffee-project Critical
GHSA-3fv6-q5xv-fhpw was published for coffee-project (npm) Sep 1, 2020
Malicious Package in cordova-plugin-china-picker Critical
GHSA-x9gm-qxhh-rf75 was published for cordova-plugin-china-picker (npm) Sep 1, 2020
Malicious Package in css_transform_support Critical
GHSA-45cp-hpc9-8347 was published for css_transform_support (npm) Sep 1, 2020
Malicious Package in css_transform_step Critical
GHSA-4rx9-58m7-gr8w was published for css_transform_step (npm) Sep 1, 2020
Malicious Package in dynamo-schema Critical
GHSA-vp8g-53fw-r9f2 was published for dynamo-schema (npm) Sep 1, 2020
Malicious Package in dossier Critical
GHSA-c8h6-89q2-mgv8 was published for dossier (npm) Sep 1, 2020
Malicious Package in impala Critical
GHSA-92px-q4w8-hrr5 was published for impala (npm) Sep 1, 2020
Malicious Package in freshdom Critical
GHSA-8qm2-24qc-c4qg was published for freshdom (npm) Sep 1, 2020
Malicious Package in jasmin Critical
GHSA-9cq4-mhmr-84gm was published for jasmin (npm) Sep 1, 2020
Malicious Package in json-serializer Critical
GHSA-7xfq-xh6v-4mrm was published for json-serializer (npm) Sep 1, 2020
Malicious Package in modlibrary Critical
GHSA-94m7-w873-6wwf was published for modlibrary (npm) Sep 1, 2020
Malicious Package in oauth-validator Critical
GHSA-cxcf-78mr-wpg7 was published for oauth-validator (npm) Sep 1, 2020
Malicious Package in rc-calendar-jhorst Critical
GHSA-4c87-gg2q-fc6m was published for rc-calendar-jhorst (npm) Sep 1, 2020
Malicious Package in react-dates-sc Critical
GHSA-5645-gc7h-98h8 was published for react-dates-sc (npm) Sep 1, 2020
Malicious Package in react-server-native Critical
GHSA-fwvp-x5gj-773j was published for react-server-native (npm) Sep 1, 2020
Malicious Package in s3asy Critical
GHSA-3wjm-33mw-h388 was published for s3asy (npm) Sep 1, 2020
Malicious Package in simple-alipay Critical
GHSA-3wh2-2pp3-2823 was published for simple-alipay (npm) Sep 1, 2020
Malicious Package in xoc Critical
GHSA-54cr-gv8w-8324 was published for xoc (npm) Sep 1, 2020
Malicious Package in nginxbeautifier Critical
GHSA-28xx-8j99-m32j was published for nginxbeautifier (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API