Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

975 advisories

Loading
Cross Site Scripting (XSS) in plotly.js Moderate
CVE-2017-1000006 was published for plotly.js (npm) Oct 24, 2017
Potential for Script Injection in syntax-error High
CVE-2014-7192 was published for syntax-error (npm) Oct 24, 2017
RDIL
Regular Expression Denial of Service in uglify-js High
CVE-2015-8858 was published for uglify-js (npm) Oct 24, 2017
Cross-Site Scripting in keystone Moderate
CVE-2017-15878 was published for keystone (npm) Nov 15, 2017
Denial of Service in mqtt Moderate
CVE-2017-10910 was published for mqtt (npm) Dec 28, 2017
Moderate severity vulnerability that affects marked Moderate
CVE-2017-17461 was published for marked (npm) Jan 4, 2018 withdrawn
Prototype Pollution in hoek High
CVE-2018-3728 was published for hoek (npm) Apr 26, 2018
Malicious Package in eslint-scope Critical
GHSA-hxxf-q3w9-4xgw was published for eslint-config-eslint (npm) Jul 12, 2018
volkdm
Withdrawn Advisory: mariadb was malware High
CVE-2017-16046 was published for mariadb (npm) Jul 18, 2018 withdrawn
Path Traversal in public High
CVE-2018-3731 was published for public (npm) Jul 18, 2018
Directory Traversal in nodeaaaaa High
CVE-2017-16223 was published for nodeaaaaa (npm) Jul 23, 2018
Directory Traversal in dgard8.lab6 High
CVE-2017-16218 was published for dgard8.lab6 (npm) Jul 23, 2018
Directory Traversal in fbr-client High
CVE-2017-16217 was published for fbr-client (npm) Jul 23, 2018
Directory Traversal in ltt High
CVE-2017-16212 was published for ltt (npm) Jul 23, 2018
Directory Traversal in jn_jj_server High
CVE-2017-16210 was published for jn_jj_server (npm) Jul 23, 2018
Directory Traversal in quickserver High
CVE-2017-16196 was published for quickserver (npm) Jul 23, 2018
Directory Traversal in picard High
CVE-2017-16194 was published for picard (npm) Jul 23, 2018
Directory Traversal in getcityapi.yoehoehne High
CVE-2017-16192 was published for getcityapi.yoehoehne (npm) Jul 23, 2018
Directory Traversal in sly07 High
CVE-2017-16189 was published for sly07 (npm) Jul 23, 2018
Directory Traversal in reecerver High
CVE-2017-16188 was published for reecerver (npm) Jul 23, 2018
Directory Traversal in open-device High
CVE-2017-16187 was published for open-device (npm) Jul 23, 2018
Directory Traversal in serverxxx High
CVE-2017-16182 was published for serverxxx (npm) Jul 23, 2018
Directory Traversal in serverabc High
CVE-2017-16180 was published for serverabc (npm) Jul 23, 2018
Directory Traversal in ewgaddis.lab6 High
CVE-2017-16175 was published for ewgaddis.lab6 (npm) Jul 23, 2018
Directory Traversal in whispercast High
CVE-2017-16174 was published for whispercast (npm) Jul 23, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database