GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License

Language support

About GitHub Advisory Database

23,708 advisories

Critical

CVE-2019-16762 was published for slpjs (npm) Nov 15, 2019

Critical

GHSA-6jg8-7333-554w was published for realms-shim (npm) Oct 4, 2019

Critical

CVE-2014-3741 was published for printer (npm) Nov 28, 2017

Critical

CVE-2017-7676 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018

Critical

CVE-2015-9235 was published for jsonwebtoken (npm) Oct 9, 2018

Critical

CVE-2016-10548 was published for reduce-css-calc (npm) Jun 7, 2018

Critical

CVE-2018-15531 was published for net.bull.javamelody:javamelody-core (Maven) Oct 17, 2018

Critical

CVE-2016-10546 was published for pouchdb (npm) Jul 26, 2018

Critical

CVE-2018-3753 was published for merge-object (npm) Sep 18, 2018

Critical

GHSA-mwp6-j9wf-968c was published for generator-jhipster (npm) Sep 13, 2019 • withdrawn

Critical

CVE-2017-16100 was published for dns-sync (npm) Jul 18, 2018

Critical

CVE-2018-3783 was published for flintcms (npm) Aug 21, 2018

Critical

CVE-2018-3739 was published for https-proxy-agent (npm) Jul 27, 2018

Critical

CVE-2019-7644 was published for Auth0-WCF-Service-JWT (NuGet) Apr 18, 2019

Critical

CVE-2018-3752 was published for merge-options (npm) Oct 9, 2018

Critical

CVE-2017-0907 was published for recurly-api-client (NuGet) Oct 16, 2018

Critical

CVE-2018-13797 was published for macaddress (npm) Sep 6, 2018

Critical

CVE-2016-10525 was published for hapi-auth-jwt2 (npm) Feb 18, 2019

Critical

CVE-2015-2794 was published for DotNetNuke.Core (NuGet) Oct 16, 2018

Critical

CVE-2019-0192 was published for org.apache.solr:solr-core (Maven) Mar 14, 2019

Critical

CVE-2016-1000282 was published for Haraka (npm) Feb 12, 2019

Critical

CVE-2013-4660 was published for js-yaml (npm) Oct 24, 2017

Critical

GHSA-wxvm-fh75-mpgr was published for dns-sync (npm) Jul 26, 2018 • withdrawn

Critical

CVE-2018-1000822 was published for org.codelibs.fess:fess (Maven) Dec 20, 2018

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,708 advisories