Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

100,147 advisories

Loading
Improper handling of multiline messages in node-irc High
GHSA-52rh-5rpj-c3w6 was published for matrix-org-irc (npm) May 5, 2022
kurt-r2c
Command Injection in fs-git High
CVE-2017-16087 was published for fs-git (npm) May 29, 2019
SQL Injection in waterline-sequel High
GHSA-mpcx-8qqw-rmcq was published for waterline-sequel (npm) Aug 19, 2020 withdrawn
Path Traversal in angular-http-server High
GHSA-vmhw-fhj6-m3g5 was published for angular-http-server (npm) May 31, 2019
Directory Traversal High
GHSA-26hg-crh6-mjrw was published for list-n-stream (npm) Feb 23, 2021 withdrawn
XML external entity (XXE) vulnerability High
GHSA-c8m9-mh38-97p9 was published for org.jpmml:pmml-model (Maven) Feb 24, 2021 withdrawn
Server-Side Request Forgery in terriajs-server High
GHSA-p72p-rjr2-r439 was published for terriajs-server (npm) May 29, 2019
Elliptic Curve Key Disclosure High
GHSA-h6wq-jw7q-grxv was published for org.bitbucket.b_c:jose4j (Maven) Feb 24, 2021 withdrawn
Denial of Service in foreman High
GHSA-xm28-fw2x-fqv2 was published for foreman (npm) May 31, 2019
Directory Traversal in ltt.js High
GHSA-6qh5-wx38-q92g was published for ltt.js (npm) May 30, 2019
Privilege escalation vulnerability in Apache Hadoop High
CVE-2018-8029 was published for org.apache.hadoop:hadoop-main (Maven) May 31, 2019
Cross-Site Scripting in react-svg High
GHSA-8xqr-4cpm-wx7g was published for react-svg (npm) May 31, 2019
Out-of-bounds Read in base64-url High
GHSA-j4mr-9xw3-c9jx was published for base64-url (npm) May 31, 2019
Directory Traversal High
GHSA-f6gj-7592-5jxm was published for node-simple-router (npm) Feb 23, 2021 withdrawn
Prototype Pollution in deap High
GHSA-xrmp-99wj-p6jc was published for deap (npm) May 31, 2019
Cross-Site Scripting in bracket-template High
GHSA-jj6g-7j8p-7gf2 was published for bracket-template (npm) May 30, 2019
Withdrawn High
GHSA-wx84-69jh-jjp2 was published for sshpk (npm) Aug 3, 2020 withdrawn
Withdrawn High
GHSA-p56r-jr4p-4wgh was published for whereis (npm) Aug 3, 2020 withdrawn
Command Injection in macaddress High
GHSA-q9r2-f3vc-rjg8 was published for macaddress (npm) Aug 19, 2020 withdrawn
Path Traversal in localhost-now High
GHSA-73cw-jxmm-qpgh was published for localhost-now (npm) Jun 11, 2019
SQL Injection in typeorm High
GHSA-w7q7-vjp8-7jv4 was published for typeorm (npm) Jun 6, 2019
Cross-Site Scripting in ids-enterprise High
GHSA-hpfq-8wx8-cgqw was published for ids-enterprise (npm) Jun 13, 2019
Cross-Site Scripting in ids-enterprise High
GHSA-49r3-3h96-rwj6 was published for ids-enterprise (npm) Jun 13, 2019
Prototype Pollution in @apollo/gateway High
GHSA-74cr-77xc-8g6r was published for @apollo/gateway (npm) Jun 13, 2019
NoSQL Injection in loopback-connector-mongodb High
GHSA-m734-r4g6-34f9 was published for loopback-connector-mongodb (npm) Jun 4, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database