Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

301,630 advisories

Loading
Prototype Pollution in extend Moderate
CVE-2018-16492 was published for extend (npm) Feb 7, 2019
Downloads Resources over HTTP in qbs High
CVE-2016-10656 was published for qbs (npm) Feb 18, 2019
No CSRF Validation in droppy High
CVE-2016-10529 was published for droppy (npm) Feb 18, 2019
High severity vulnerability that affects com.github.shyiko.ktlint:ktlint-core High
CVE-2019-1010260 was published for com.github.shyiko.ktlint:ktlint-core (Maven) Apr 8, 2019
Moderate severity vulnerability that affects rack Moderate
GHSA-9vc2-p34x-jhxh was published for rack (RubyGems) Sep 17, 2018 withdrawn
Downloads Resources over HTTP in cobalt-cli High
CVE-2016-10597 was published for cobalt-cli (npm) Feb 18, 2019
Moderate severity vulnerability that affects DotNetNuke.Core Moderate
CVE-2015-1566 was published for DotNetNuke.Core (NuGet) Oct 16, 2018
Cross-Site Scripting in @risingstack/protect Moderate
CVE-2018-1000160 was published for @risingstack/protect (npm) Apr 25, 2018
Downloads Resources over HTTP in serc.js High
CVE-2016-10678 was published for serc.js (npm) Feb 18, 2019
Moderate severity vulnerability that affects org.apache.mesos:mesos Moderate
CVE-2018-8023 was published for org.apache.mesos:mesos (Maven) Oct 17, 2018
Incorrect handling of CORS preflight request headers in hapi Moderate
CVE-2015-9236 was published for hapi (npm) Jun 7, 2018
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main Moderate
CVE-2019-0224 was published for org.apache.jspwiki:jspwiki-main (Maven) Apr 2, 2019
Downloads Resources over HTTP in openframe-glslviewer High
CVE-2016-10607 was published for openframe-glslviewer (npm) Feb 18, 2019
Downloads Resources over HTTP in go-ipfs-dep High
CVE-2016-10563 was published for go-ipfs-dep (npm) Feb 18, 2019
Downloads Resources over HTTP in pk-app-wonderbox High
CVE-2016-10685 was published for pk-app-wonderbox (npm) Feb 18, 2019
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-11762 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Path Traversal in superstatic High
GHSA-wm77-q74p-5763 was published for superstatic (npm) Jul 27, 2018
Downloads Resources over HTTP in nodewebkit High
CVE-2016-10580 was published for nodewebkit (npm) Feb 18, 2019
Downloads Resources over HTTP in arcanist Moderate
CVE-2016-10683 was published for arcanist (npm) Feb 18, 2019
Moderate severity vulnerability that affects mailman Moderate
CVE-2018-13796 was published for mailman (pip) Sep 11, 2018
Critical severity vulnerability that affects recurly-api-client Critical
CVE-2017-0907 was published for recurly-api-client (NuGet) Oct 16, 2018
Downloads Resources over HTTP in product-monitor High
CVE-2016-10567 was published for product-monitor (npm) Feb 18, 2019
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2018-10912 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Downloads Resources over HTTP in openframe-image High
CVE-2016-10616 was published for openframe-image (npm) Feb 18, 2019
Moderate severity vulnerability that affects activerecord Moderate
GHSA-m8h6-m9p5-p2f8 was published for activerecord (RubyGems) Aug 13, 2018 withdrawn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database