GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,466 advisories
Filter by severity
Regular Expression Denial of Service in hawk
High
CVE-2016-2515
was published
for
hawk
(npm)
Jul 31, 2018
Downloads Resources over HTTP in react-native-baidu-voice-synthesizer
High
CVE-2016-10697
was published
for
react-native-baidu-voice-synthesizer
(npm)
Jul 31, 2018
Downloads Resources over HTTP in alto-saxophone
High
CVE-2016-10694
was published
for
alto-saxophone
(npm)
Jul 31, 2018
Downloads Resources over HTTP in haxeshim
High
CVE-2016-10692
was published
for
haxeshim
(npm)
Jul 31, 2018
windows-seleniumjar downloads Resources over HTTP
High
CVE-2016-10691
was published
for
windows-seleniumjar
(npm)
Jul 31, 2018
Path Traversal in superstatic
High
GHSA-wm77-q74p-5763
was published
for
superstatic
(npm)
Jul 27, 2018
High severity vulnerability that affects jquery-ui
High
GHSA-g8q2-24jh-5hpc
was published
for
jQuery.UI.Combined
(RubyGems)
Jul 27, 2018
•
withdrawn
Downloads Resources over HTTP in mystem-fix
High
CVE-2016-10698
was published
for
mystem-fix
(npm)
Jul 27, 2018
Authentication Bypass in passport-azure-ad
High
CVE-2016-7191
was published
for
passport-azure-ad
(npm)
Jul 26, 2018
Path Traversal in general-file-server
High
CVE-2018-3724
was published
for
general-file-server
(npm)
Jul 26, 2018
Prototype Pollution in defaults-deep
High
CVE-2018-3723
was published
for
defaults-deep
(npm)
Jul 26, 2018
Prototype Pollution in merge-deep
High
CVE-2018-3722
was published
for
merge-deep
(npm)
Jul 26, 2018
Prototype Pollution in assign-deep
High
CVE-2018-3720
was published
for
assign-deep
(npm)
Jul 26, 2018
Prototype Pollution in mixin-deep
High
CVE-2018-3719
was published
for
mixin-deep
(npm)
Jul 26, 2018
Path Traversal in localhost-now
High
CVE-2018-3729
was published
for
localhost-now
(npm)
Jul 25, 2018
Regular Expression Denial of Service in fresh
High
CVE-2017-16119
was published
for
fresh
(npm)
Jul 24, 2018
Regular Expression Denial of Service in forwarded
High
CVE-2017-16118
was published
for
forwarded
(npm)
Jul 24, 2018
Regular Expression Denial of Service in string package
High
CVE-2017-16116
was published
for
string
(npm)
Jul 24, 2018
ProTip!
Advisories are also available from the
GraphQL API