Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

239 advisories

Loading
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override... Moderate Unreviewed
CVE-2020-13293 was published May 24, 2022
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to... High Unreviewed
CVE-2020-7081 was published May 24, 2022
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare... Moderate Unreviewed
CVE-2019-6147 was published May 24, 2022
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A... High Unreviewed
CVE-2019-5053 was published May 24, 2022
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2019-12693 was published May 24, 2022
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl... Critical Unreviewed
CVE-2016-7398 was published May 24, 2022
Incorrect Privilege Assignment in Jenkins Script Security Plugin High
CVE-2019-10355 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to... High Unreviewed
CVE-2018-6157 was published May 24, 2022
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to... Critical Unreviewed
CVE-2019-2097 was published May 24, 2022
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and... High Unreviewed
CVE-2017-2962 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c... Critical Unreviewed
CVE-2017-9183 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10... High Unreviewed
CVE-2016-7655 was published May 17, 2022
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that... High Unreviewed
CVE-2016-4709 was published May 17, 2022
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that... High Unreviewed
CVE-2016-4710 was published May 17, 2022
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue... High Unreviewed
CVE-2016-7617 was published May 17, 2022
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which... High Unreviewed
CVE-2017-9042 was published May 17, 2022
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X... High Unreviewed
CVE-2015-3120 was published May 17, 2022
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the... High Unreviewed
CVE-2017-0037 was published May 17, 2022
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB... High Unreviewed
CVE-2017-8159 was published May 17, 2022
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017... High Unreviewed
CVE-2017-16367 was published May 17, 2022
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017... High Unreviewed
CVE-2017-16379 was published May 17, 2022
Improper Input Validation in IpMatcher Critical
CVE-2021-33318 was published for IpMatcher (NuGet) May 17, 2022
Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged... High Unreviewed
CVE-2017-5717 was published May 14, 2022
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker... High Unreviewed
CVE-2017-5115 was published May 14, 2022
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection... Critical Unreviewed
CVE-2016-7979 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database