GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
666
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
382 advisories
Filter by severity
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. The...
Critical
Unreviewed
CVE-2024-3094
was published
Mar 29, 2024
Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4...
Critical
Unreviewed
CVE-2023-2003
was published
Jul 13, 2023
Malware in pre-build binaries of bignum
Critical
GHSA-7cgc-fjv4-52x6
was published
for
bignum
(npm)
May 24, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2021-26857
was published
May 24, 2022
Embedded Malicious Code in node-ipc
Critical
CVE-2022-23812
was published
for
node-ipc
(npm)
Mar 16, 2022
Malicious npm package: an0n-chat-lib
Critical
GHSA-7xcv-wvr7-4h6p
was published
for
an0n-chat-lib
(npm)
Jan 29, 2021
Malicious npm package: discord-fix
Critical
GHSA-qv2g-99x4-45x6
was published
for
discord-fix
(npm)
Jan 29, 2021
Malicious npm package: sonatype
Critical
GHSA-w8fh-pvq2-x8c4
was published
for
sonatype
(npm)
Jan 29, 2021
Malicious code in `loadyaml`
Critical
GHSA-mfc2-93pr-jf92
was published
for
loadyaml
(npm)
Oct 1, 2020
Malicious code in `electorn`
Critical
GHSA-38hx-3542-8fh3
was published
for
electorn
(npm)
Oct 1, 2020
Malicious Package in motiv.scss
Critical
GHSA-2vqq-jgxx-fxjc
was published
for
motiv.scss
(npm)
Sep 11, 2020
Malicious Package in react-datepicker-plus
Critical
GHSA-4wcx-c9c4-89p2
was published
for
react-datepicker-plus
(npm)
Sep 11, 2020
Malicious Package in ng-ui-library
Critical
GHSA-2xw5-3767-qxvm
was published
for
ng-ui-library
(npm)
Sep 11, 2020
Malicious Package in test-module-a
Critical
GHSA-76xq-58hj-vwm2
was published
for
test-module-a
(npm)
Sep 11, 2020
Malicious Package in epress
Critical
GHSA-vf8q-pw7h-r2x2
was published
for
epress
(npm)
Sep 11, 2020
Malicious Package in commmander
Critical
GHSA-q42c-rrp3-r3xm
was published
for
commmander
(npm)
Sep 11, 2020
Malicious Package in blubird
Critical
GHSA-rvww-x6m4-4vc2
was published
for
blubird
(npm)
Sep 11, 2020
Malicious Package in equest
Critical
GHSA-mvch-rh6h-2m47
was published
for
equest
(npm)
Sep 11, 2020
Malicious Package in commqnder
Critical
GHSA-4xgp-xrg3-c73w
was published
for
commqnder
(npm)
Sep 11, 2020
Malicious Package in angluar-cli
Critical
GHSA-8mm3-2mcj-cx6r
was published
for
angluar-cli
(npm)
Sep 11, 2020
Malicious Package in reuest
Critical
GHSA-r863-p739-275c
was published
for
reuest
(npm)
Sep 11, 2020
Malicious Package in shrugging-logging
Critical
GHSA-qv78-398w-cxp7
was published
for
shrugging-logging
(npm)
Sep 11, 2020
ProTip!
Advisories are also available from the
GraphQL API