Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,034 advisories

Loading
Directory Traversal in dgard8.lab6 High
CVE-2017-16218 was published for dgard8.lab6 (npm) Jul 23, 2018
Directory Traversal in nodeaaaaa High
CVE-2017-16223 was published for nodeaaaaa (npm) Jul 23, 2018
Path Traversal in public High
CVE-2018-3731 was published for public (npm) Jul 18, 2018
Withdrawn Advisory: mariadb was malware High
CVE-2017-16046 was published for mariadb (npm) Jul 18, 2018 withdrawn
cfscrape Improper Input Validation vulnerability High
CVE-2017-7235 was published for cfscrape (pip) Jul 13, 2018
Jupyter Notebook file bypasses sanitization, executes JavaScript High
CVE-2018-8768 was published for notebook (pip) Jul 12, 2018
Prototype Pollution in hoek High
CVE-2018-3728 was published for hoek (npm) Apr 26, 2018
Potential for Script Injection in syntax-error High
CVE-2014-7192 was published for syntax-error (npm) Oct 24, 2017
RDIL
Regular Expression Denial of Service in uglify-js High
CVE-2015-8858 was published for uglify-js (npm) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database