GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
mc-kill-port vulnerable to Arbitrary Command Execution via kill function
High
CVE-2022-25973
was published
for
mc-kill-port
(npm)
Aug 11, 2022
Command injection in git-interface
Critical
CVE-2022-1440
was published
for
git-interface
(npm)
Apr 23, 2022
OS Command Injection in git-promise
High
CVE-2022-24376
was published
for
git-promise
(npm)
Jun 11, 2022
Command injection in nodemailer
Critical
CVE-2020-7769
was published
for
nodemailer
(npm)
May 10, 2021
Remote command injection when using sendmail email transport
Moderate
GHSA-wfrj-qqc2-83cm
was published
for
ghost
(npm)
Sep 20, 2021
Arbitrary Code Execution in mathjs
Critical
CVE-2017-1001003
was published
for
mathjs
(npm)
Dec 18, 2017
blamer vulnerable to Arbitrary Argument Injection via the blameByFile() API
Moderate
CVE-2023-26143
was published
for
blamer
(npm)
Sep 19, 2023
Prototype Pollution in mixin-deep
Critical
CVE-2019-10746
was published
for
mixin-deep
(npm)
Aug 27, 2019
ggit is vulnerable to Arbitrary Argument Injection via the clone() API
Moderate
CVE-2024-21533
was published
for
ggit
(npm)
Oct 8, 2024
git-shallow-clone Argument Injection vulnerability
Moderate
CVE-2024-21531
was published
for
git-shallow-clone
(npm)
Oct 1, 2024
ProTip!
Advisories are also available from the
GraphQL API