GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License

Language support

About GitHub Advisory Database

775 advisories

Critical

CVE-2019-15224 was published for awesome-bot (RubyGems) Aug 20, 2019

Critical

CVE-2019-14281 was published for datagrid (RubyGems) Jul 31, 2019

Critical

CVE-2019-14282 was published for simple_captcha2 (RubyGems) Jul 31, 2019

Critical

CVE-2019-10173 was published for com.thoughtworks.xstream:xstream (Maven) Jul 26, 2019

Critical

CVE-2019-13354 was published for strong_password (RubyGems) Jul 8, 2019

Critical

CVE-2019-10842 was published for bootstrap-sass (RubyGems) Apr 4, 2019

Critical

CVE-2019-5413 was published for morgan (npm) Mar 25, 2019

Critical

CVE-2019-7539 was published for ipycache (pip) Mar 25, 2019

Critical

CVE-2016-10541 was published for shell-quote (npm) Feb 18, 2019

Critical

CVE-2018-20133 was published for ymlref (pip) Dec 19, 2018

Critical

CVE-2018-1260 was published for org.springframework.security.oauth:spring-security-oauth2 (Maven) Oct 18, 2018

Critical

CVE-2018-1275 was published for org.springframework:spring-messaging (Maven) Oct 17, 2018

Critical

CVE-2018-1270 was published for org.springframework:spring-messaging (Maven) Oct 17, 2018

Critical

CVE-2018-1273 was published for org.springframework.data:spring-data-commons (Maven) Oct 17, 2018

Critical

CVE-2018-3784 was published for cryo (npm) Aug 21, 2018

Critical

CVE-2016-10546 was published for pouchdb (npm) Jul 26, 2018

Critical

CVE-2017-16151 was published for electron (npm) Jul 24, 2018

Critical

CVE-2017-16082 was published for pg (npm) Jul 24, 2018

Critical

CVE-2017-16100 was published for dns-sync (npm) Jul 18, 2018

Critical

CVE-2017-16764 was published for django_make_app (pip) Jul 13, 2018

Critical

CVE-2018-8097 was published for eve (pip) Jul 12, 2018

Critical

CVE-2017-16042 was published for growl (npm) Jun 8, 2018

Critical

CVE-2016-10548 was published for reduce-css-calc (npm) Jun 7, 2018

Critical

CVE-2017-1001002 was published for mathjs (npm) Dec 18, 2017

Critical

CVE-2014-7205 was published for bassmaster (npm) Oct 24, 2017

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

775 advisories