GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
500 advisories
The HW_KEYMASTER module has a vulnerability of not verifying the data read. Successful...
Critical | Unreviewed | CVE-2022-41581 was published Oct 14, 2022

GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects...
Critical | Unreviewed | CVE-2021-46848 was published Oct 24, 2022

An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of...
Critical | Unreviewed | CVE-2021-42374 was published May 24, 2022

In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then...
Critical | Unreviewed | CVE-2022-42905 was published Nov 7, 2022

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap...
Critical | Unreviewed | CVE-2022-46393 was published Dec 16, 2022

A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx...
Critical | Unreviewed | CVE-2017-12369 was published May 13, 2022

The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a...
Critical | Unreviewed | CVE-2017-16548 was published May 13, 2022

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a...
Critical | Unreviewed | CVE-2017-16840 was published May 13, 2022

An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac,...
Critical | Unreviewed | CVE-2017-5053 was published May 13, 2022

libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in...
Critical | Unreviewed | CVE-2017-7544 was published May 13, 2022

In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png...
Critical | Unreviewed | CVE-2017-13139 was published May 13, 2022

The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x...
Critical | Unreviewed | CVE-2017-12933 was published May 13, 2022

In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers...
Critical | Unreviewed | CVE-2017-11147 was published May 13, 2022

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other...
Critical | Unreviewed | CVE-2017-10989 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical | Unreviewed | CVE-2017-9195 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical | Unreviewed | CVE-2017-9193 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical | Unreviewed | CVE-2017-9194 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical | Unreviewed | CVE-2017-9171 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function...
Critical | Unreviewed | CVE-2017-9152 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical | Unreviewed | CVE-2017-9166 was published May 13, 2022

In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect...
Critical | Unreviewed | CVE-2017-9058 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical | Unreviewed | CVE-2017-9164 was published May 13, 2022

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical | Unreviewed | CVE-2017-9165 was published May 13, 2022

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption...
Critical | Unreviewed | CVE-2017-3060 was published May 14, 2022

The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have...
Critical | Unreviewed | CVE-2017-5897 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.