GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,279
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,421
Pub: 12
RubyGems: 891
Rust: 873
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
1,403 advisories

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0...
Critical | Unreviewed | CVE-2022-29503 was published Sep 30, 2022

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical | Unreviewed | CVE-2021-21951 was published Dec 9, 2021

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical | Unreviewed | CVE-2021-21950 was published Dec 9, 2021

A VULNERABILITY_CLASS vulnerability exists in the FEATURE functionality of Disc Soft Ltd Deamon...
Critical | Unreviewed | CVE-2021-21832 was published May 24, 2022

The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap...
Critical | Unreviewed | CVE-2022-4291 was published Dec 8, 2022

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red...
Critical | Unreviewed | CVE-2021-20325 was published Feb 19, 2022

DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of...
Critical | Unreviewed | CVE-2022-36938 was published Nov 11, 2022

NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
Critical | Unreviewed | CVE-2021-38575 was published Dec 2, 2021

A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All...
Critical | Unreviewed | CVE-2020-27738 was published May 24, 2022

Use of a Broken or Risky Cryptographic Algorithm in crypto2
Critical | CVE-2021-45709 was published for crypto2 (Rust) Jan 6, 2022

Heap Based Buffer Overflow in libyaml
Critical | CVE-2013-6393 was published for libyaml (npm) Aug 31, 2020

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
Critical | Unreviewed | CVE-2021-1300 was published May 24, 2022

An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling...
Critical | Unreviewed | CVE-2021-40393 was published Dec 23, 2021

ChakraCore vulnerable to privilege escalation
Critical | CVE-2017-11767 was published for Microsoft.ChakraCore (NuGet) May 13, 2022

ChakraCore RCE Vulnerability
Critical | CVE-2017-8658 was published for Microsoft.ChakraCore (NuGet) May 17, 2022

ChakraCore RCE Vulnerability
Critical | CVE-2017-0223 was published for Microsoft.ChakraCore (NuGet) May 17, 2022

ChakraCore RCE Vulnerability
Critical | CVE-2017-0252 was published for Microsoft.ChakraCore (NuGet) May 17, 2022

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
Critical | Unreviewed | CVE-2021-1479 was published May 24, 2022

Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA...
Critical | Unreviewed | CVE-2021-20588 was published May 24, 2022

Nokogiri does not forbid namespace nodes in XPointer ranges
Critical | CVE-2016-4658 was published for nokogiri (RubyGems) Aug 21, 2018

A memory corruption vulnerability exists in the HTTP Server header parsing functionality of...
Critical | Unreviewed | CVE-2023-28391 was published Nov 14, 2023

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of...
Critical | Unreviewed | CVE-2023-31247 was published Nov 14, 2023

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston...
Critical | Unreviewed | CVE-2023-28379 was published Nov 14, 2023

A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD...
Critical | Unreviewed | CVE-2023-29076 was published Nov 23, 2023

Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in...
Critical | Unreviewed | CVE-2015-8668 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.