Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

386 advisories

Loading
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7849 was published May 24, 2022
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco... High Unreviewed
CVE-2019-1858 was published May 24, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS... Moderate Unreviewed
CVE-2019-10917 was published May 24, 2022
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving... High Unreviewed
CVE-2019-3565 was published May 24, 2022
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of... High Unreviewed
CVE-2019-3559 was published May 24, 2022
Python Facebook Thrift servers would not error upon receiving messages with containers of fields... High Unreviewed
CVE-2019-3558 was published May 24, 2022
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers... High Unreviewed
CVE-2019-3552 was published May 24, 2022
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service ... Moderate Unreviewed
CVE-2014-1943 was published May 17, 2022
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64... Moderate Unreviewed
CVE-2022-29017 was published May 17, 2022
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services ... Moderate Unreviewed
CVE-2017-6628 was published May 13, 2022
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco... Moderate Unreviewed
CVE-2017-3887 was published May 13, 2022
Huawei smart phones LYO-L21 with software LYO-L21C479B107, LYO-L21C479B107 have a privilege... High Unreviewed
CVE-2017-17172 was published May 13, 2022
In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a... High Unreviewed
CVE-2017-13199 was published May 13, 2022
The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12... High Unreviewed
CVE-2017-11472 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:... High Unreviewed
CVE-2017-0759 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android.... High Unreviewed
CVE-2017-0762 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:... High Unreviewed
CVE-2017-0760 was published May 13, 2022
An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local... High Unreviewed
CVE-2017-0622 was published May 13, 2022
Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,... High Unreviewed
CVE-2017-0193 was published May 13, 2022
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet... High Unreviewed
CVE-2017-6678 was published May 13, 2022
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due... High Unreviewed
CVE-2017-7496 was published May 13, 2022
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the... High Unreviewed
CVE-2017-7518 was published May 13, 2022
Under specific 802.11 network conditions, a partial re-association of the Philips IntelliVue MX40... Moderate Unreviewed
CVE-2017-9657 was published May 13, 2022
Certain 802.11 network management messages have been determined to invoke wireless access point... Moderate Unreviewed
CVE-2017-9658 was published May 13, 2022
A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could... Moderate Unreviewed
CVE-2018-0272 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database