Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
2,414
Erlang
24
GitHub Actions
13
Go
1,350
Maven
4,344
npm
3,255
NuGet
550
pip
2,252
Pub
8
RubyGems
766
Rust
685
Swift
32
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Malicious Package in radic-util Critical
GHSA-8qh7-xw58-3ww7 was published for radic-util (npm) Sep 11, 2020
Malicious Package in motiv.scss Critical
GHSA-2vqq-jgxx-fxjc was published for motiv.scss (npm) Sep 11, 2020
Malicious Package in react-datepicker-plus Critical
GHSA-4wcx-c9c4-89p2 was published for react-datepicker-plus (npm) Sep 11, 2020
Malicious Package in precode.js Critical
GHSA-5w4r-wwc3-6qcp was published for precode.js (npm) Sep 11, 2020
Malicious Package in scroool Critical
GHSA-p7w2-mc6m-mfx2 was published for scroool (npm) Sep 11, 2020
Malicious Package in grunt-radical Critical
GHSA-4627-w373-375v was published for grunt-radical (npm) Sep 11, 2020
Malicious Package in ng-ui-library Critical
GHSA-2xw5-3767-qxvm was published for ng-ui-library (npm) Sep 11, 2020
Malicious Package in grunt-radic Critical
GHSA-9p49-cwh3-4qhf was published for grunt-radic (npm) Sep 11, 2020
Malicious Package in github-jquery-widgets Critical
GHSA-c722-pv5w-cfg2 was published for github-jquery-widgets (npm) Sep 11, 2020
Malicious Package in ember-power-timepicker Critical
GHSA-28f8-hqmc-7ph8 was published for ember-power-timepicker (npm) Sep 11, 2020
Malicious Package in geoheat Critical
GHSA-p32g-242c-76h3 was published for geoheat (npm) Sep 11, 2020
Malicious Package in angular-location-update Critical
GHSA-53jx-4wwh-gcqj was published for angular-location-update (npm) Sep 11, 2020
Malicious Package in json-serializer Critical
GHSA-chh2-rvhg-wqwr was published for json-serializer (npm) Sep 3, 2020
Malicious Package in bmap Critical
GHSA-p59g-6cqr-m73w was published for bmap (npm) Sep 3, 2020
Malicious Package in device-mqtt Critical
GHSA-563h-697m-j7x5 was published for device-mqtt (npm) Sep 3, 2020
Malicious Package in slush-fullstack-framework Critical
GHSA-4j54-mmmv-hjpm was published for slush-fullstack-framework (npm) Sep 3, 2020
Malicious Package in pensi-scheduler Critical
GHSA-j4ch-mw66-xmqv was published for pensi-scheduler (npm) Sep 3, 2020
Malicious Package in pyramid-proportion Critical
GHSA-v6vv-hhqc-6hh2 was published for pyramid-proportion (npm) Sep 3, 2020
Malicious Package in ngx-context-menu Critical
GHSA-xwg3-gjxh-c8pm was published for ngx-context-menu (npm) Sep 3, 2020
Malicious Package in @fangrong/xoc Critical
GHSA-pjxp-f379-6284 was published for @fangrong/xoc (npm) Sep 3, 2020
Malicious Package in iie-viz Critical
GHSA-jf55-rgpx-p6rx was published for iie-viz (npm) Sep 3, 2020
Malicious Package in jquery-airload Critical
GHSA-78p3-96hc-3j47 was published for jquery-airload (npm) Sep 3, 2020
Malicious Package in uploader-plugin Critical
GHSA-fx6f-fpfv-5hmc was published for uploader-plugin (npm) Sep 3, 2020
Malicious Package in zemen Critical
GHSA-377f-vvrc-9wgg was published for zemen (npm) Sep 3, 2020
Malicious Package in sailclothjs Critical
GHSA-m5pf-5894-jmx7 was published for sailclothjs (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API