GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,821 advisories
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2012-3571 was published May 13, 2022

Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the...
High | Unreviewed | CVE-2016-7837 was published May 13, 2022

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on...
Moderate | Unreviewed | CVE-2017-8535 was published May 13, 2022

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on...
Moderate | Unreviewed | CVE-2017-8537 was published May 13, 2022

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on...
Moderate | Unreviewed | CVE-2017-8536 was published May 13, 2022

Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial...
High | Unreviewed | CVE-2012-3017 was published May 13, 2022

The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory...
Moderate | Unreviewed | CVE-2017-12911 was published May 13, 2022

The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS...
Moderate | Unreviewed | CVE-2011-3052 was published May 13, 2022

The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2011-3047 was published May 13, 2022

A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote...
High | Unreviewed | CVE-2016-1421 was published May 13, 2022

The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial...
Moderate | Unreviewed | CVE-2016-2073 was published May 13, 2022

Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context...
High | Unreviewed | CVE-2016-9136 was published May 13, 2022

Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows...
Critical | Unreviewed | CVE-2016-7567 was published May 13, 2022

Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause denial of service...
Moderate | Unreviewed | CVE-2017-6192 was published May 13, 2022

Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service...
Moderate | Unreviewed | CVE-2017-6193 was published May 13, 2022

The read_buf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2017-8364 was published May 13, 2022

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers...
Critical | Unreviewed | CVE-2017-8798 was published May 13, 2022

Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c.
Critical | Unreviewed | CVE-2016-10375 was published May 13, 2022

The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit...
Moderate | Unreviewed | CVE-2011-3909 was published May 13, 2022

Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote...
High | Unreviewed | CVE-2011-3894 was published May 13, 2022

Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows...
Moderate | Unreviewed | CVE-2011-2881 was published May 13, 2022

Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows...
Moderate | Unreviewed | CVE-2011-3873 was published May 13, 2022

Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and...
High | Unreviewed | CVE-2013-7260 was published May 13, 2022

OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue...
Critical | Unreviewed | CVE-2017-17833 was published May 13, 2022

A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0...
Critical | Unreviewed | CVE-2017-14199 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.