Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,868 advisories

Loading
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability.... Critical Unreviewed
CVE-2019-7104 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017... Critical Unreviewed
CVE-2019-7117 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017... Critical Unreviewed
CVE-2019-7120 was published May 24, 2022
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation... Critical Unreviewed
CVE-2019-7105 was published May 24, 2022
Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation... Critical Unreviewed
CVE-2019-7106 was published May 24, 2022
Adobe Bridge CC versions 9.0.2 have a heap overflow vulnerability. Successful exploitation could... Critical Unreviewed
CVE-2019-7130 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017... Critical Unreviewed
CVE-2019-7128 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017... Critical Unreviewed
CVE-2019-7119 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017... Critical Unreviewed
CVE-2019-7124 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017... Critical Unreviewed
CVE-2019-7118 was published May 24, 2022
serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute... Critical Unreviewed
CVE-2016-10752 was published May 24, 2022
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code... Critical Unreviewed
CVE-2016-10759 was published May 24, 2022
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules... Critical Unreviewed
CVE-2016-8900 was published May 24, 2022
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules... Critical Unreviewed
CVE-2016-8898 was published May 24, 2022
Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon... Critical Unreviewed
CVE-2018-11940 was published May 24, 2022
Improper input validation on input data which is used to locate and copy the additional IEs in... Critical Unreviewed
CVE-2018-11930 was published May 24, 2022
Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in... Critical Unreviewed
CVE-2018-11949 was published May 24, 2022
Lack of input validation before copying can lead to a buffer over read in WLAN function in... Critical Unreviewed
CVE-2018-11937 was published May 24, 2022
Improper authentication can happen on Remote command handling due to inappropriate handling of... Critical Unreviewed
CVE-2018-11271 was published May 24, 2022
Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or... Critical Unreviewed
CVE-2018-11936 was published May 24, 2022
While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to... Critical Unreviewed
CVE-2018-11953 was published May 24, 2022
Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto,... Critical Unreviewed
CVE-2018-13887 was published May 24, 2022
Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon... Critical Unreviewed
CVE-2018-13886 was published May 24, 2022
Error in parsing PMT table frees the memory allocated for the map section but does not reset the... Critical Unreviewed
CVE-2018-13925 was published May 24, 2022
SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM... Critical Unreviewed
CVE-2018-17843 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database