Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

6,517 advisories

Loading
Cross-Site Scripting in marked Moderate
GHSA-8wp3-cp9v-44fm was published for marked (npm) Feb 25, 2021 withdrawn
Path Traversal in statics-server Moderate
GHSA-74cp-qw7f-7hpw was published for statics-server (npm) Jun 5, 2019
Regular Expression Denial of Service in highcharts Moderate
GHSA-m45f-4828-5cv5 was published for highcharts (npm) Aug 19, 2020 withdrawn
Remote Memory Exposure in floody Moderate
GHSA-3p92-886g-qxpq was published for floody (npm) Jun 4, 2019
Out-of-bounds Read in npmconf Moderate
GHSA-57cf-349j-352g was published for npmconf (npm) Jun 12, 2019
Open Redirect in ecstatic Moderate
GHSA-x4rf-4mqf-cm8w was published for ecstatic (npm) Aug 19, 2020 withdrawn
Sandbox Breakout / Arbitrary Code Execution in safer-eval Moderate
GHSA-69p9-9qm9-h447 was published for safer-eval (npm) Aug 19, 2020 withdrawn
Content injection in marked Moderate
GHSA-wjmf-58vc-xqjr was published for marked (npm) Feb 25, 2021 withdrawn
Path Traversal in serve-here.js High
GHSA-g8m7-qhv7-9h5x was published for serve-here (npm) Jul 5, 2019
Sensitive Data Exposure in sequelize-cli Low
GHSA-3xc7-xg67-pw99 was published for sequelize-cli (npm) Jun 5, 2019
Command Injection in wiki-plugin-datalog High
GHSA-pm52-wwrw-c282 was published for wiki-plugin-datalog (npm) Jun 13, 2019
Rate Limiting Bypass in express-brute Moderate
GHSA-984p-xq9m-4rjw was published for express-brute (npm) Jun 7, 2019
Remote Code Execution in node-os-utils High
GHSA-j9f8-8h89-j69x was published for node-os-utils (npm) Jun 11, 2019
Command Injection in dot Moderate
GHSA-4859-gpc7-4j66 was published for dot (npm) Jun 5, 2019
Reverse Tabnapping in swagger-ui Moderate
GHSA-x9p2-fxq6-2m5f was published for swagger-ui (npm) Jun 20, 2019
Out-of-bounds Read in byte Moderate
GHSA-xm7f-x4wx-wmgv was published for byte (npm) Jun 4, 2019
SQL Injection in sql Moderate
GHSA-8f93-rv4p-x4jw was published for sql (npm) Jun 12, 2019
Denial of Service High
GHSA-j95h-wmx9-4279 was published for sails (npm) Feb 25, 2021 withdrawn
Command Injection in open Critical
GHSA-28xh-wpgr-7fm8 was published for open (npm) Jun 20, 2019
Cross-Site Scripting in ids-enterprise High
GHSA-crfx-5phg-hmw9 was published for ids-enterprise (npm) Jun 13, 2019
Cross-Site Scripting in @nuxt/devalue Moderate
CVE-2019-13506 was published for @nuxt/devalue (npm) Jul 16, 2019
Denial of Service in mem Moderate
GHSA-4xcv-9jjx-gfj3 was published for mem (npm) Jul 5, 2019
Cross-Site Scripting via JSONP Moderate
GHSA-28hp-fgcr-2r4h was published for angular (npm) Jun 27, 2019
Cross-Site Scripting in cyberchef Moderate
CVE-2019-15532 was published for cyberchef (npm) Aug 27, 2019
Message Signature Bypass in openpgp High
CVE-2019-9153 was published for openpgp (npm) Aug 23, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database