Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
WINRPCexploit malicious PyPI package Malware
GHSA-58g2-rgrr-6q9r was published for WINRPCexploit (pip) Aug 30, 2022
browserdiv malicious PyPI package Malware
GHSA-2wg3-9fjw-vjvj was published for browserdiv (pip) Aug 30, 2022
zlibsrc malicious PyPI package Malware
GHSA-h82j-8jxm-68qp was published for zlibsrc (pip) Aug 30, 2022
free-net-vpn2 malicious PyPI package Malware
GHSA-rqcv-3wp9-w2r3 was published for free-net-vpn2 (pip) Aug 30, 2022
free-net-vpn malicious PyPI package Malware
GHSA-jgw6-3fjm-w5f6 was published for free-net-vpn (pip) Aug 30, 2022
test-async malicious PyPI package Malware
GHSA-cg89-rrrm-gf58 was published for test-async (pip) Aug 30, 2022
PyProto2 malicious PyPI package Malware
GHSA-gw4j-fhj8-497m was published for PyProto2 (pip) Aug 30, 2022
pymocks malicious PyPI package Malware
GHSA-8rgr-xgx4-q7jq was published for pymocks (pip) Aug 30, 2022
pyg-utils malicious PyPI package Malware
GHSA-p8ph-q2m4-p5wv was published for pyg-utils (pip) Aug 30, 2022
ascii2text malicious PyPI package Malware
GHSA-hqmv-64pp-q4xw was published for ascii2text (pip) Aug 30, 2022
`rustdecimal` is a malicious crate Malware
GHSA-7pwq-f4pq-78gm was published for rustdecimal (Rust) Aug 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database