GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,879 advisories
In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared...
Critical | Unreviewed | CVE-2019-10879 was published May 14, 2022

An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV)...
Critical | Unreviewed | CVE-2018-19524 was published May 14, 2022

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have...
Critical | Unreviewed | CVE-2018-12910 was published May 14, 2022

upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter.
Critical | Unreviewed | CVE-2018-14728 was published May 14, 2022

Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function...
Critical | Unreviewed | CVE-2017-1000421 was published May 14, 2022

A flaw was found in the way spice-client processed certain messages sent from the server. An...
Critical | Unreviewed | CVE-2017-12194 was published May 14, 2022

In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on...
Critical | Unreviewed | CVE-2018-12549 was published May 14, 2022

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an...
Critical | Unreviewed | CVE-2017-7376 was published May 14, 2022

In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native...
Critical | Unreviewed | CVE-2018-12547 was published May 14, 2022

A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and...
Critical | Unreviewed | CVE-2018-5782 was published May 14, 2022

NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system ...
Critical | Unreviewed | CVE-2019-5672 was published May 14, 2022

The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow...
Critical | Unreviewed | CVE-2018-1151 was published May 14, 2022

Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in...
Critical | Unreviewed | CVE-2018-9148 was published May 14, 2022

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based...
Critical | Unreviewed | CVE-2019-4087 was published May 24, 2022

Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001...
Critical | Unreviewed | CVE-2018-11229 was published May 14, 2022

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP...
Critical | Unreviewed | CVE-2015-5740 was published May 14, 2022

SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read...
Critical | Unreviewed | CVE-2021-30045 was published May 24, 2022

Active Record RCE bug with Serialized Columns
Critical | CVE-2022-32224 was published for activerecord (RubyGems) Jul 12, 2022

Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold...
Critical | Unreviewed | CVE-2016-3227 was published May 14, 2022

The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote...
Critical | Unreviewed | CVE-2016-6793 was published May 14, 2022

_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause...
Critical | Unreviewed | CVE-2015-9262 was published May 14, 2022

In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and...
Critical | Unreviewed | CVE-2019-10878 was published May 14, 2022

In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that...
Critical | Unreviewed | CVE-2019-10877 was published May 14, 2022

LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to...
Critical | Unreviewed | CVE-2018-17173 was published May 14, 2022

GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders...
Critical | Unreviewed | CVE-2017-11139 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.