GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,403 advisories
Filter by severity
Uninitialized memory access in outer_cgi
Critical
CVE-2021-30454
was published
for
outer_cgi
(Rust)
Aug 25, 2021
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP...
Critical
Unreviewed
CVE-2018-18439
was published
May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption...
Critical
Unreviewed
CVE-2017-2999
was published
May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4240
was published
May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4235
was published
May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4239
was published
May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4246
was published
May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4244
was published
May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4245
was published
May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4242
was published
May 14, 2022
In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow.
Critical
Unreviewed
CVE-2019-8996
was published
May 14, 2022
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and...
Critical
Unreviewed
CVE-2016-0981
was published
May 17, 2022
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and...
Critical
Unreviewed
CVE-2016-0964
was published
May 17, 2022
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an...
Critical
Unreviewed
CVE-2021-39708
was published
Mar 17, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using...
Critical
Unreviewed
CVE-2021-44496
was published
Apr 16, 2022
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which...
Critical
Unreviewed
CVE-2016-4303
was published
May 13, 2022
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\")...
Critical
Unreviewed
CVE-2016-1283
was published
May 13, 2022
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A...
Critical
Unreviewed
CVE-2017-2885
was published
May 13, 2022
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6...
Critical
Unreviewed
CVE-2016-4544
was published
May 14, 2022
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and...
Critical
Unreviewed
CVE-2016-10160
was published
May 14, 2022
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12...
Critical
Unreviewed
CVE-2016-7480
was published
May 14, 2022
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing...
Critical
Unreviewed
CVE-2017-2894
was published
May 13, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X...
Critical
Unreviewed
CVE-2016-4275
was published
May 14, 2022
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of...
Critical
Unreviewed
CVE-2019-12261
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API