Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

22,038 advisories

Loading
Malicious Package in jquerz Critical
GHSA-c6f3-3c98-2j2f was published for jquerz (npm) Sep 2, 2020
Malicious Package in froever Critical
GHSA-2r8f-2665-3gxq was published for froever (npm) Sep 2, 2020
Malicious Package in browserift Critical
GHSA-43vf-2x6g-p2m5 was published for browserift (npm) Sep 2, 2020
Malicious Package in hulp Critical
GHSA-fqw7-8v6m-2f86 was published for hulp (npm) Sep 2, 2020
Malicious Package in bmap Critical
GHSA-p59g-6cqr-m73w was published for bmap (npm) Sep 3, 2020
Malicious Package in yeoman-genrator Critical
GHSA-f7g4-fm4c-54m9 was published for yeoman-genrator (npm) Sep 3, 2020
Malicious Package in budfer-xor Critical
GHSA-6584-gfwm-3vc3 was published for budfer-xor (npm) Sep 3, 2020
Malicious Package in buffer-hor Critical
GHSA-wh87-3959-vfrq was published for buffer-hor (npm) Sep 3, 2020
Malicious Package in buffer-xmr Critical
GHSA-5327-gfq5-8f4m was published for buffer-xmr (npm) Sep 3, 2020
Malicious Package in buffer-xos Critical
GHSA-h2j3-gg8w-4858 was published for buffer-xos (npm) Sep 3, 2020
Malicious Package in require-port Critical
GHSA-rrvm-gqq8-q2wx was published for require-port (npm) Sep 3, 2020
Malicious Package in buffar-xor Critical
GHSA-f64g-whxf-w8f2 was published for buffar-xor (npm) Sep 3, 2020
Malicious Package in buffer-xo2 Critical
GHSA-f72h-wf57-7xwh was published for buffer-xo2 (npm) Sep 3, 2020
Malicious Package in bubfer-xor Critical
GHSA-vm67-mh96-95mq was published for bubfer-xor (npm) Sep 3, 2020
Malicious Package in buffer-xop Critical
GHSA-jqjg-v355-hr9q was published for buffer-xop (npm) Sep 3, 2020
Malicious Package in js-qha3 Critical
GHSA-vf5m-q45w-8mh9 was published for js-qha3 (npm) Sep 3, 2020
Malicious Package in js-shi3 Critical
GHSA-g37j-v5gh-g25c was published for js-shi3 (npm) Sep 3, 2020
Malicious Package in js-sia3 Critical
GHSA-3mhm-jvqj-fvhg was published for js-sia3 (npm) Sep 3, 2020
Malicious Package in sj-tw-abc Critical
GHSA-4hfc-fv33-ph9p was published for sj-tw-abc (npm) Sep 3, 2020
Malicious Package in cuffer-xor Critical
GHSA-6xm4-p6r2-mwrc was published for cuffer-xor (npm) Sep 3, 2020
Malicious Package in js-sha7 Critical
GHSA-hvgc-mggg-pxr2 was published for js-sha7 (npm) Sep 3, 2020
Malicious Package in js-3ha3 Critical
GHSA-52c9-458g-whrf was published for js-3ha3 (npm) Sep 3, 2020
Malicious Package in ruffer-xor Critical
GHSA-2mxc-m4c3-wqhq was published for ruffer-xor (npm) Sep 3, 2020
Malicious Package in js-shas Critical
GHSA-5wq6-v5cw-jvfr was published for js-shas (npm) Sep 3, 2020
Malicious Package in js-she3 Critical
GHSA-f8jj-45fj-44r6 was published for js-she3 (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API