Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

382 advisories

Loading
Malicious Package in midway-dataproxy Critical
GHSA-mq9h-cwc2-6j5r was published for midway-dataproxy (npm) Sep 3, 2020
Malicious Package in midway-xtpl Critical
GHSA-w65v-hx54-xrqx was published for midway-xtpl (npm) Sep 3, 2020
Malicious Package in hsf-clients Critical
GHSA-g5q2-fcg9-j526 was published for hsf-clients (npm) Sep 3, 2020
Malicious Package in luna-mock Critical
GHSA-qm4q-f956-fg64 was published for luna-mock (npm) Sep 3, 2020
Malicious Package in hpmm Critical
GHSA-vxfp-qmpq-6826 was published for hpmm (npm) Sep 3, 2020
Malicious Package in cicada-render Critical
GHSA-6m6m-j2hm-pxrg was published for cicada-render (npm) Sep 3, 2020
Malicious Package in diamond-clien Critical
GHSA-86gv-xpwv-jprc was published for diamond-clien (npm) Sep 3, 2020
Malicious Package in appx-compiler Critical
GHSA-8q2c-2396-hf7j was published for appx-compiler (npm) Sep 3, 2020
Malicious Package in antd-cloud Critical
GHSA-j4vm-hg8g-g9qv was published for antd-cloud (npm) Sep 3, 2020
Malicious Package in alipayjsapi Critical
GHSA-rjhc-w3fj-j6x9 was published for alipayjsapi (npm) Sep 3, 2020
Malicious Package in alico Critical
GHSA-jfx5-7mr2-g8hg was published for alico (npm) Sep 3, 2020
Malicious Package in ali-contributors Critical
GHSA-8m5v-f2wp-wqr9 was published for ali-contributors (npm) Sep 3, 2020
Malicious Package in ali-contributor Critical
GHSA-h3m2-h22h-695r was published for ali-contributor (npm) Sep 3, 2020
Malicious Package in only-test-not-install Critical
GHSA-g9wf-393q-4w38 was published for only-test-not-install (npm) Sep 3, 2020
Malicious Package in my-very-own-package Critical
GHSA-crr2-ph72-c52g was published for my-very-own-package (npm) Sep 3, 2020
Malicious Package in maybemaliciouspackage Critical
GHSA-m9r7-q9fc-qwx5 was published for maybemaliciouspackage (npm) Sep 3, 2020
Malicious Package in leetlog Critical
GHSA-gfm8-g3vm-53jh was published for leetlog (npm) Sep 3, 2020
Malicious Package in malicious-do-not-install Critical
GHSA-6879-xr95-5gf4 was published for malicious-do-not-install (npm) Sep 3, 2020
Malicious Package in rpc-websocket Critical
GHSA-x87g-rgrh-r6g3 was published for rpc-websocket (npm) Sep 3, 2020
Malicious Package in cxt Critical
GHSA-fpgg-r39h-3x5x was published for cxt (npm) Sep 3, 2020
Malicious Package in degbu Critical
GHSA-xr3g-4gg5-w3wq was published for degbu (npm) Sep 3, 2020
Malicious Package in ecruve Critical
GHSA-fpf2-pr3j-4cm3 was published for ecruve (npm) Sep 3, 2020
Malicious Package in dhkey Critical
GHSA-qxrj-x7rm-2h49 was published for dhkey (npm) Sep 3, 2020
Malicious Package in ecuvre Critical
GHSA-cgvm-rvfv-c92r was published for ecuvre (npm) Sep 3, 2020
Malicious Package in fs-extar Critical
GHSA-435c-qcpm-wjw5 was published for fs-extar (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database