Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,308 advisories

Loading
Data races in lever High
CVE-2020-36457 was published for lever (Rust) Aug 25, 2021
tdunlap607
Data races in rcu_cell High
CVE-2020-36451 was published for rcu_cell (Rust) Aug 25, 2021
Data races in cache High
CVE-2020-36448 was published for cache (Rust) Aug 25, 2021
Command injection in kekbit High
CVE-2020-36449 was published for kekbit (Rust) Aug 25, 2021
Data race in v9 High
CVE-2020-36447 was published for v9 (Rust) Aug 25, 2021
J3rry-1729
Argument injection in lettre Moderate
CVE-2020-28247 was published for lettre (Rust) Aug 25, 2021
vin01
Data races in noise_search Moderate
CVE-2020-36461 was published for noise_search (Rust) Aug 25, 2021
Command injection in gitlogplus Critical
CVE-2021-23412 was published for gitlogplus (npm) Jul 26, 2021
Command injection in LocalStack Critical
CVE-2021-32090 was published for localstack (pip) Jun 18, 2021
Command Injection in @ronomon/opened Critical
CVE-2021-29300 was published for @ronomon/opened (npm) Jun 8, 2021
Script injection Moderate
CVE-2021-32660 was published for @backstage/techdocs-common (npm) Jun 4, 2021
Script injection Moderate
CVE-2021-32661 was published for @backstage/plugin-techdocs (npm) Jun 4, 2021
Improper Neutralization of Special Elements used in a Command ('Command Injection') in @floffah/build Low
GHSA-jcgr-9698-82jx was published for @floffah/build (npm) May 28, 2021
Injection and Command Injection in devcert High
CVE-2020-8186 was published for devcert (npm) May 18, 2021
Command Injection in geojson2kml Critical
CVE-2020-28429 was published for geojson2kml (npm) May 10, 2021
Command Injection in ps-visitor Critical
CVE-2021-23374 was published for ps-visitor (npm) May 7, 2021
Command Injection in onion-oled-js Critical
CVE-2021-23377 was published for onion-oled-js (npm) May 7, 2021
Command Injection in picotts Critical
CVE-2021-23378 was published for picotts (npm) May 7, 2021
Code injection in mock2easy Critical
CVE-2020-7697 was published for mock2easy (npm) May 6, 2021
Command Injection in lodash High
CVE-2021-23337 was published for lodash (npm) May 6, 2021
mitchell-codecov nitaiapiiro
ebickle
Arbitrary command execution in roar-pidusage Moderate
CVE-2021-23380 was published for roar-pidusage (npm) May 6, 2021
Command Injection in ffmpegdotjs Critical
CVE-2021-23376 was published for ffmpegdotjs (npm) May 6, 2021
Command Injection in killing High
CVE-2021-23381 was published for killing (npm) May 6, 2021
Command injection in portkiller High
CVE-2021-23379 was published for portkiller (npm) May 6, 2021
Command Injection in psnode High
CVE-2021-23375 was published for psnode (npm) May 6, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database