Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

226 advisories

Loading
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that... High Unreviewed
CVE-2016-4710 was published May 17, 2022
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that... High Unreviewed
CVE-2016-4709 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10... High Unreviewed
CVE-2016-7655 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c... Critical Unreviewed
CVE-2017-9183 was published May 17, 2022
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and... High Unreviewed
CVE-2017-2962 was published May 17, 2022
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to... Critical Unreviewed
CVE-2019-2097 was published May 24, 2022
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to... High Unreviewed
CVE-2018-6157 was published May 24, 2022
Incorrect Privilege Assignment in Jenkins Script Security Plugin High
CVE-2019-10355 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl... Critical Unreviewed
CVE-2016-7398 was published May 24, 2022
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2019-12693 was published May 24, 2022
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A... High Unreviewed
CVE-2019-5053 was published May 24, 2022
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare... Moderate Unreviewed
CVE-2019-6147 was published May 24, 2022
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to... High Unreviewed
CVE-2020-7081 was published May 24, 2022
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override... Moderate Unreviewed
CVE-2020-13293 was published May 24, 2022
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or... High Unreviewed
CVE-2020-16103 was published May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer... Moderate Unreviewed
CVE-2021-25175 was published May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer... Moderate Unreviewed
CVE-2021-25177 was published May 24, 2022
Incorrect pointer argument passed to trusted application TA could result in un-intended memory... High Unreviewed
CVE-2021-1923 was published May 24, 2022
Possible out of bounds read due to improper typecasting while handling page fault for global... High Unreviewed
CVE-2021-35091 was published Jun 15, 2022
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte... High Unreviewed
CVE-2022-32547 was published Jun 17, 2022
pg-native and libpq vulnerable to uncontrolled resource consumption High
CVE-2022-25852 was published for libpq (npm) Jun 18, 2022
joshbressers
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to... Moderate Unreviewed
CVE-2022-21786 was published Jul 7, 2022
Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon... High Unreviewed
CVE-2022-22102 was published Sep 3, 2022
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases,... High Unreviewed
CVE-2020-10735 was published Sep 10, 2022
Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation High
GHSA-5c6q-f783-h888 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Sep 30, 2022 withdrawn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database