Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
Flaw in streaming state in orion High
CVE-2018-20999 was published for orion (Rust) Aug 25, 2021
Incorrect Calculation in the MSR JavaScript Cryptography Library High
CVE-2020-1026 was published for msrcrypto (npm) Jan 6, 2022
On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3,... High Unreviewed
CVE-2022-23011 was published Jan 26, 2022
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts... High Unreviewed
CVE-2021-45960 was published Feb 10, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... High Unreviewed
CVE-2021-44504 was published Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44491 was published Apr 16, 2022
An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can... High Unreviewed
CVE-2021-44490 was published Apr 16, 2022
STB v2.27 was discovered to contain an integer shift of invalid size in the component... High Unreviewed
CVE-2022-28048 was published Apr 16, 2022
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x... High Unreviewed
CVE-2022-26517 was published May 6, 2022
In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan... High Unreviewed
CVE-2018-18225 was published May 13, 2022
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive... High Unreviewed
CVE-2017-12135 was published May 13, 2022
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line... High Unreviewed
CVE-2018-11790 was published May 13, 2022
A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could... High Unreviewed
CVE-2018-15391 was published May 13, 2022
An elevation of privilege vulnerability in Audioserver could enable a local malicious application... High Unreviewed
CVE-2017-0545 was published May 13, 2022
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4... High Unreviewed
CVE-2017-0666 was published May 13, 2022
A remote code execution vulnerability in the Android media framework. Product: Android. Versions:... High Unreviewed
CVE-2017-0679 was published May 13, 2022
A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1... High Unreviewed
CVE-2017-0819 was published May 13, 2022
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS... High Unreviewed
CVE-2017-12134 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android... High Unreviewed
CVE-2017-13151 was published May 13, 2022
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission... High Unreviewed
CVE-2017-13288 was published May 13, 2022
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type... High Unreviewed
CVE-2017-8326 was published May 13, 2022
Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest... High Unreviewed
CVE-2017-8905 was published May 13, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA... High Unreviewed
CVE-2017-9725 was published May 13, 2022
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point... High Unreviewed
CVE-2018-14439 was published May 14, 2022
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode... High Unreviewed
CVE-2017-0342 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database