GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
382 advisories
Filter by severity
Hijacked Environment Variables in proxy.js
Moderate
CVE-2017-16076
was published
for
proxy.js
(npm)
Aug 29, 2018
Malicious Package in dossier
Critical
GHSA-c8h6-89q2-mgv8
was published
for
dossier
(npm)
Sep 1, 2020
Malicious Package in regenrator
Critical
GHSA-m5p4-7wf9-6w99
was published
for
regenrator
(npm)
Sep 1, 2020
Malicious Package in commnader
Critical
GHSA-855m-jchh-9qjc
was published
for
commnader
(npm)
Sep 2, 2020
Malicious Package in wepack-cli
Critical
GHSA-fpw3-x4xq-6vxq
was published
for
wepack-cli
(npm)
Sep 2, 2020
Malicious Package in commander-js
Critical
GHSA-2hqf-qqmq-pgpp
was published
for
commander-js
(npm)
Sep 2, 2020
Malicious Package in jajajejejiji
Critical
GHSA-rggq-f2wf-m6cp
was published
for
jajajejejiji
(npm)
Sep 2, 2020
Malicious Package in commmander
Critical
GHSA-q42c-rrp3-r3xm
was published
for
commmander
(npm)
Sep 11, 2020
Malicious Package in carloprojectlesang
Critical
GHSA-qj2g-642f-4jrv
was published
for
carloprojectlesang
(npm)
Sep 2, 2020
Malicious Package in destroyer-of-worlds
Critical
GHSA-w3f3-4j22-2v3p
was published
for
destroyer-of-worlds
(npm)
Sep 2, 2020
Malicious Package in uglyfi-js
Critical
GHSA-9xww-fwh9-95c5
was published
for
uglyfi-js
(npm)
Sep 2, 2020
Malicious Package in requset
Critical
GHSA-w7wg-24g3-2c78
was published
for
requset
(npm)
Sep 2, 2020
Malicious Package in requets
Critical
GHSA-f3pc-c2gf-hvgw
was published
for
requets
(npm)
Sep 2, 2020
Malicious Package in requst
Critical
GHSA-8qx4-r7fx-xc4v
was published
for
requst
(npm)
Sep 11, 2020
Malicious Package in colour-string
Critical
GHSA-8mmf-qp7j-2w24
was published
for
colour-string
(npm)
Sep 2, 2020
Malicious Package in donotinstallthis
Critical
GHSA-73hr-6785-f5p8
was published
for
donotinstallthis
(npm)
Sep 2, 2020
Malicious Package in rimrafall
Critical
GHSA-8hq2-fcqm-39hq
was published
for
rimrafall
(npm)
Sep 2, 2020
Malicious Package in require-ports
Critical
GHSA-qj3g-wfr7-3cv7
was published
for
require-ports
(npm)
Sep 2, 2020
Malicious Package in rpc-websocket
Critical
GHSA-x87g-rgrh-r6g3
was published
for
rpc-websocket
(npm)
Sep 3, 2020
Malicious Package in smartsearchwp
Critical
GHSA-fgp6-8g62-qx6w
was published
for
smartsearchwp
(npm)
Sep 3, 2020
Malicious Package in blingjs
Critical
GHSA-hfc6-79wv-5hpw
was published
for
blingjs
(npm)
Sep 1, 2020
ProTip!
Advisories are also available from the
GraphQL API