GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,868 advisories
The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that...
Critical, Unreviewed. CVE-2017-18365 was published May 14, 2022

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu...
Critical, Unreviewed. CVE-2018-12892 was published May 14, 2022

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a...
Critical, Unreviewed. CVE-2019-3861 was published May 14, 2022

A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below...
Critical, Unreviewed. CVE-2017-7342 was published May 14, 2022

Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate...
Critical, Unreviewed. CVE-2018-19783 was published May 14, 2022

Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability...
Critical, Unreviewed. CVE-2018-19586 was published May 14, 2022

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '...
Critical, Unreviewed. CVE-2018-19486 was published May 14, 2022

Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory...
Critical, Unreviewed. CVE-2018-5145 was published May 14, 2022

plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements.
Critical, Unreviewed. CVE-2019-9870 was published May 14, 2022

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows...
Critical, Unreviewed. CVE-2016-4702 was published May 14, 2022

An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in...
Critical, Unreviewed. CVE-2018-11410 was published May 14, 2022

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious...
Critical, Unreviewed. CVE-2017-11121 was published May 14, 2022

Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset...
Critical, Unreviewed. CVE-2015-4689 was published May 14, 2022

When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a...
Critical, Unreviewed. CVE-2018-5206 was published May 14, 2022

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to...
Critical, Unreviewed. CVE-2016-4734 was published May 14, 2022

In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer...
Critical, Unreviewed. CVE-2018-5208 was published May 14, 2022

An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom allows attackers to...
Critical, Unreviewed. CVE-2022-45026 was published Dec 7, 2022

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical, Unreviewed. CVE-2016-4615 was published May 14, 2022

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the...
Critical, Unreviewed. CVE-2019-9775 was published May 14, 2022

A use-after-free vulnerability can occur while adjusting layout during SVG animations with text...
Critical, Unreviewed. CVE-2018-5155 was published May 14, 2022

An integer overflow can occur in the Skia library due to 32-bit integer use in an array without...
Critical, Unreviewed. CVE-2018-5159 was published May 14, 2022

An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively....
Critical, Unreviewed. CVE-2019-9120 was published May 14, 2022

In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind...
Critical, Unreviewed. CVE-2019-9895 was published May 14, 2022

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the...
Critical, Unreviewed. CVE-2019-9774 was published May 14, 2022

An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager...
Critical, Unreviewed. CVE-2017-5824 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.