GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
378 advisories
Filter by severity
Withdrawn Advisory: mariadb was malware
High
CVE-2017-16046
was published
for
mariadb
(npm)
Jul 18, 2018
•
withdrawn
Malicious Package in beffer-xor
Critical
GHSA-7cvf-p83w-48q6
was published
for
beffer-xor
(npm)
Sep 3, 2020
Malicious Package in another-date-range-picker
Critical
GHSA-8rxg-9g6f-vq9p
was published
for
another-date-range-picker
(npm)
Sep 1, 2020
Malicious Package in @impala/bmap
Critical
GHSA-c82c-8pjw-6829
was published
for
@impala/bmap
(npm)
Sep 1, 2020
Malicious Package in another-date-picker
Critical
GHSA-2p62-c4rm-mr72
was published
for
another-date-picker
(npm)
Sep 1, 2020
npm-script-demo is malware
Critical
CVE-2017-16128
was published
for
npm-script-demo
(npm)
Sep 1, 2020
ProTip!
Advisories are also available from the
GraphQL API