GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
975 advisories
Filter by severity
Downloads Resources over HTTP in fis-parser-sass-bin
High
CVE-2016-10660
was published
for
fis-parser-sass-bin
(npm)
Feb 18, 2019
Downloads Resources over HTTP in co-cli-installer
High
CVE-2016-10657
was published
for
co-cli-installer
(npm)
Feb 18, 2019
Downloads Resources over HTTP in tomita
High
CVE-2016-10662
was published
for
tomita
(npm)
Feb 18, 2019
Downloads Resources over HTTP in macaca-chromedriver-zxa
High
CVE-2016-10623
was published
for
macaca-chromedriver-zxa
(npm)
Feb 18, 2019
Downloads Resources over HTTP in box2d-native
High
CVE-2016-10617
was published
for
box2d-native
(npm)
Feb 18, 2019
Downloads Resources over HTTP in curses
High
CVE-2016-10615
was published
for
curses
(npm)
Feb 18, 2019
Downloads Resources over HTTP in mongodb-instance
High
CVE-2016-10572
was published
for
mongodb-instance
(npm)
Feb 18, 2019
Cross-Site Scripting in keystone
Moderate
CVE-2017-15878
was published
for
keystone
(npm)
Nov 15, 2017
Downloads Resources over HTTP in webrtc-native
High
CVE-2016-10600
was published
for
webrtc-native
(npm)
Feb 18, 2019
Downloads Resources over HTTP in baryton-saxophone
High
CVE-2016-10573
was published
for
baryton-saxophone
(npm)
Feb 18, 2019
Potential for Script Injection in syntax-error
High
CVE-2014-7192
was published
for
syntax-error
(npm)
Oct 24, 2017
Downloads Resources over HTTP in httpsync
High
CVE-2016-10614
was published
for
httpsync
(npm)
Feb 18, 2019
Downloads Resources over HTTP in tomita-parser
High
CVE-2016-10666
was published
for
tomita-parser
(npm)
Feb 18, 2019
Downloads Resources over HTTP in fibjs
High
CVE-2016-10621
was published
for
fibjs
(npm)
Feb 18, 2019
Downloads Resources over HTTP in windows-seleniumjar-mirror
High
CVE-2016-10670
was published
for
windows-seleniumjar-mirror
(npm)
Feb 18, 2019
Downloads Resources over HTTP in webdriver-launcher
High
CVE-2016-10651
was published
for
webdriver-launcher
(npm)
Feb 18, 2019
Downloads Resources over HTTP in haxe3
High
CVE-2016-10688
was published
for
haxe3
(npm)
Aug 17, 2018
Downloads Resources over HTTP in massif
High
CVE-2016-10682
was published
for
massif
(npm)
Feb 18, 2019
Downloads Resources over HTTP in ntfserver
High
CVE-2016-10650
was published
for
ntfserver
(npm)
Feb 18, 2019
Downloads Resources over HTTP in scala-bin
High
CVE-2016-10627
was published
for
scala-bin
(npm)
Feb 18, 2019
Cross-Site Scripting in editor.md
Moderate
CVE-2019-9737
was published
for
editor.md
(npm)
Mar 14, 2019
Cross Site Scripting (XSS) in plotly.js
Moderate
CVE-2017-1000006
was published
for
plotly.js
(npm)
Oct 24, 2017
Sandbox Breakout in realms-shim
Critical
GHSA-7cg8-pq9v-x98q
was published
for
realms-shim
(npm)
Oct 21, 2019
Downloads Resources over HTTP in mystem3
High
CVE-2016-10626
was published
for
mystem3
(npm)
Feb 18, 2019
ProTip!
Advisories are also available from the
GraphQL API