GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
87 advisories
Filter by severity
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote...
Moderate
Unreviewed
CVE-2016-7433
was published
May 13, 2022
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan...
High
Unreviewed
CVE-2018-18225
was published
May 13, 2022
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE...
Moderate
Unreviewed
CVE-2018-16781
was published
May 13, 2022
Incorrect Calculation in the MSR JavaScript Cryptography Library
High
CVE-2020-1026
was published
for
msrcrypto
(npm)
Jan 6, 2022
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote...
Moderate
Unreviewed
CVE-2011-3062
was published
May 13, 2022
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive...
High
Unreviewed
CVE-2017-12135
was published
May 13, 2022
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line...
High
Unreviewed
CVE-2018-11790
was published
May 13, 2022
A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could...
High
Unreviewed
CVE-2018-15391
was published
May 13, 2022
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4...
High
Unreviewed
CVE-2017-0666
was published
May 13, 2022
An elevation of privilege vulnerability in Audioserver could enable a local malicious application...
High
Unreviewed
CVE-2017-0545
was published
May 13, 2022
A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1...
High
Unreviewed
CVE-2017-0819
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework. Product: Android. Versions:...
High
Unreviewed
CVE-2017-0679
was published
May 13, 2022
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS...
High
Unreviewed
CVE-2017-12134
was published
May 13, 2022
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point...
Moderate
Unreviewed
CVE-2017-11537
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android...
High
Unreviewed
CVE-2017-13151
was published
May 13, 2022
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission...
High
Unreviewed
CVE-2017-13288
was published
May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type...
High
Unreviewed
CVE-2017-8326
was published
May 13, 2022
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in...
Moderate
Unreviewed
CVE-2017-8932
was published
May 13, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA...
High
Unreviewed
CVE-2017-9725
was published
May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest...
High
Unreviewed
CVE-2017-8905
was published
May 13, 2022
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point...
High
Unreviewed
CVE-2018-14439
was published
May 14, 2022
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1...
High
Unreviewed
CVE-2022-36795
was published
Oct 20, 2022
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all...
Moderate
Unreviewed
CVE-2022-23028
was published
Jan 26, 2022
On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3,...
High
Unreviewed
CVE-2022-23011
was published
Jan 26, 2022
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr...
Moderate
Unreviewed
CVE-2017-2618
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API