GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
635 advisories
Backdoor / Malicious code
Critical • GHSA-q2hm-gx3f-h63q was published for lita-coin (RubyGems) • Feb 23, 2021 • withdrawn

Unrestricted upload of file with dangerous type in Apache Solr
Critical • CVE-2019-12409 was published for org.apache.solr:solr-core (Maven) • Jan 28, 2020

Deserialization of Untrusted Data in Apache Olingo
Critical • CVE-2019-17556 was published for org.apache.olingo:odata-client-proxy (Maven) • Feb 4, 2020

Validation Bypass in schema-inspector
Critical • CVE-2019-10781 was published for schema-inspector (npm) • Jun 10, 2020

Sandbox Breakout in realms-shim
Critical • GHSA-7cg8-pq9v-x98q was published for realms-shim (npm) • Oct 21, 2019

Critical severity vulnerability that affects org.apache.solr:solr-core
Critical • CVE-2019-0192 was published for org.apache.solr:solr-core (Maven) • Mar 14, 2019

Cross-Site Scripting in swagger-ui
Critical • CVE-2016-5682 was published for swagger-ui (npm) • Sep 1, 2020

Malicious Package in dossier
Critical • GHSA-c8h6-89q2-mgv8 was published for dossier (npm) • Sep 1, 2020

Malicious Package in regenrator
Critical • GHSA-m5p4-7wf9-6w99 was published for regenrator (npm) • Sep 1, 2020

Malicious Package in jajajejejiji
Critical • GHSA-rggq-f2wf-m6cp was published for jajajejejiji (npm) • Sep 2, 2020

Malicious Package in commnader
Critical • GHSA-855m-jchh-9qjc was published for commnader (npm) • Sep 2, 2020

Malicious Package in commander-js
Critical • GHSA-2hqf-qqmq-pgpp was published for commander-js (npm) • Sep 2, 2020

Malicious Package in wepack-cli
Critical • GHSA-fpw3-x4xq-6vxq was published for wepack-cli (npm) • Sep 2, 2020

Malicious Package in rimrafall
Critical • GHSA-8hq2-fcqm-39hq was published for rimrafall (npm) • Sep 2, 2020

Malicious Package in requset
Critical • GHSA-w7wg-24g3-2c78 was published for requset (npm) • Sep 2, 2020

Malicious Package in carloprojectlesang
Critical • GHSA-qj2g-642f-4jrv was published for carloprojectlesang (npm) • Sep 2, 2020

Malicious Package in commmander
Critical • GHSA-q42c-rrp3-r3xm was published for commmander (npm) • Sep 11, 2020

Malicious Package in requst
Critical • GHSA-8qx4-r7fx-xc4v was published for requst (npm) • Sep 11, 2020

Malicious Package in requets
Critical • GHSA-f3pc-c2gf-hvgw was published for requets (npm) • Sep 2, 2020

Malicious Package in donotinstallthis
Critical • GHSA-73hr-6785-f5p8 was published for donotinstallthis (npm) • Sep 2, 2020

Malicious Package in uglyfi-js
Critical • GHSA-9xww-fwh9-95c5 was published for uglyfi-js (npm) • Sep 2, 2020

ProTip! Advisories are also available from the GraphQL API.