Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,399 advisories

Loading
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing... Critical Unreviewed
CVE-2017-2894 was published May 13, 2022
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and... Critical Unreviewed
CVE-2016-10160 was published May 14, 2022
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12... Critical Unreviewed
CVE-2016-7480 was published May 14, 2022
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6... Critical Unreviewed
CVE-2016-4544 was published May 14, 2022
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A... Critical Unreviewed
CVE-2017-2885 was published May 13, 2022
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\")... Critical Unreviewed
CVE-2016-1283 was published May 13, 2022
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which... Critical Unreviewed
CVE-2016-4303 was published May 13, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... Critical Unreviewed
CVE-2021-44496 was published Apr 16, 2022
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an... Critical Unreviewed
CVE-2021-39708 was published Mar 17, 2022
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and... Critical Unreviewed
CVE-2016-0964 was published May 17, 2022
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and... Critical Unreviewed
CVE-2016-0981 was published May 17, 2022
In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow. Critical Unreviewed
CVE-2019-8996 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed
CVE-2016-4242 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed
CVE-2016-4245 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed
CVE-2016-4244 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed
CVE-2016-4246 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed
CVE-2016-4239 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed
CVE-2016-4240 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed
CVE-2016-4235 was published May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption... Critical Unreviewed
CVE-2017-2999 was published May 14, 2022
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP... Critical Unreviewed
CVE-2018-18439 was published May 14, 2022
Uninitialized memory access in outer_cgi Critical
CVE-2021-30454 was published for outer_cgi (Rust) Aug 25, 2021
Integer overflow in base64 Critical
CVE-2017-1000430 was published for base64 (Rust) Aug 25, 2021
Buffer Overflow in pycrypto Critical
CVE-2013-7459 was published for pycrypto (pip) Dec 14, 2018
ProTip! Advisories are also available from the GraphQL API