GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,713
NuGet
661
pip
3,386
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
333 advisories
Filter by severity
Malicious Package in eslint-scope
Critical
GHSA-hxxf-q3w9-4xgw
was published
for
eslint-config-eslint
(npm)
Jul 12, 2018
Critical severity vulnerability that affects event-stream and flatmap-stream
Critical
GHSA-mh6f-8j2x-4483
was published
for
event-stream
(npm)
Nov 26, 2018
npm-script-demo is malware
Critical
CVE-2017-16128
was published
for
npm-script-demo
(npm)
Sep 1, 2020
Malicious Package in @impala/bmap
Critical
GHSA-c82c-8pjw-6829
was published
for
@impala/bmap
(npm)
Sep 1, 2020
Malicious Package in angular-bmap
Critical
GHSA-w8hg-mxvh-9h57
was published
for
angular-bmap
(npm)
Sep 1, 2020
Malicious Package in angular-material-sidenav-rnd
Critical
GHSA-qmxf-fxq7-w59f
was published
for
angular-material-sidenav-rnd
(npm)
Sep 1, 2020
Malicious Package in another-date-picker
Critical
GHSA-2p62-c4rm-mr72
was published
for
another-date-picker
(npm)
Sep 1, 2020
Malicious Package in another-date-range-picker
Critical
GHSA-8rxg-9g6f-vq9p
was published
for
another-date-range-picker
(npm)
Sep 1, 2020
Malicious Package in awesome_react_utility
Critical
GHSA-m25q-fwg4-9v2p
was published
for
awesome_react_utility
(npm)
Sep 1, 2020
Malicious Package in blingjs
Critical
GHSA-hfc6-79wv-5hpw
was published
for
blingjs
(npm)
Sep 1, 2020
Malicious Package in cordova-plugin-china-picker
Critical
GHSA-x9gm-qxhh-rf75
was published
for
cordova-plugin-china-picker
(npm)
Sep 1, 2020
Malicious Package in dynamo-schema
Critical
GHSA-vp8g-53fw-r9f2
was published
for
dynamo-schema
(npm)
Sep 1, 2020
Malicious Package in dossier
Critical
GHSA-c8h6-89q2-mgv8
was published
for
dossier
(npm)
Sep 1, 2020
Malicious Package in freshdom
Critical
GHSA-8qm2-24qc-c4qg
was published
for
freshdom
(npm)
Sep 1, 2020
Malicious Package in json-serializer
Critical
GHSA-7xfq-xh6v-4mrm
was published
for
json-serializer
(npm)
Sep 1, 2020
Malicious Package in nginxbeautifier
Critical
GHSA-28xx-8j99-m32j
was published
for
nginxbeautifier
(npm)
Sep 1, 2020
Malicious Package in getcookies
Critical
GHSA-3cjv-4phw-gvvv
was published
for
getcookies
(npm)
Sep 1, 2020
Malicious Package in nothing-js
Critical
GHSA-353r-3v84-9pjj
was published
for
nothing-js
(npm)
Sep 1, 2020
Malicious Package in ladder-text-js
Critical
GHSA-33gc-f8v9-v8hm
was published
for
ladder-text-js
(npm)
Sep 1, 2020
Malicious Package in eslint-config-airbnb-standard
Critical
GHSA-m852-866j-69j8
was published
for
eslint-config-airbnb-standard
(npm)
Sep 1, 2020
Malicious Package in boogeyman
Critical
GHSA-9hc2-w9gg-q6jw
was published
for
boogeyman
(npm)
Sep 1, 2020
Malicious Package in regenrator
Critical
GHSA-m5p4-7wf9-6w99
was published
for
regenrator
(npm)
Sep 1, 2020
ProTip!
Advisories are also available from the
GraphQL API