GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
445 advisories
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote...
High | Unreviewed | CVE-2014-1252 was published May 17, 2022

Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p6 allows remote attackers...
Moderate | Unreviewed | CVE-2017-12925 was published May 17, 2022

Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows...
Critical | Unreviewed | CVE-2015-7700 was published May 17, 2022

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote...
High | Unreviewed | CVE-2017-6362 was published May 17, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High | Unreviewed | CVE-2017-9687 was published May 17, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High | Unreviewed | CVE-2017-9686 was published May 17, 2022

ccsv Double Free vulnerability
Moderate | CVE-2017-15364 was published for ccsv (RubyGems) May 17, 2022

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd)...
Critical | Unreviewed | CVE-2016-6912 was published May 17, 2022

net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel...
Moderate | Unreviewed | CVE-2017-6353 was published May 17, 2022

Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1...
High | Unreviewed | CVE-2015-5177 was published May 17, 2022

Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial...
Moderate | Unreviewed | CVE-2017-15186 was published May 17, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High | Unreviewed | CVE-2017-11032 was published May 17, 2022

The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY...
High | Unreviewed | CVE-2017-8141 was published May 17, 2022

The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE...
High | Unreviewed | CVE-2017-8140 was published May 17, 2022

Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the...
Critical | Unreviewed | CVE-2016-5768 was published May 14, 2022

Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension...
Critical | Unreviewed | CVE-2016-5772 was published May 14, 2022

The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and...
High | Unreviewed | CVE-2017-15316 was published May 14, 2022

In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can...
High | Unreviewed | CVE-2017-7393 was published May 14, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High | Unreviewed | CVE-2017-9705 was published May 14, 2022

In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to...
High | Unreviewed | CVE-2017-13181 was published May 14, 2022

A double-free vulnerability in parse.c in ldns 1.7.0 has unspecified impact and attack vectors.
Critical | Unreviewed | CVE-2017-1000231 was published May 14, 2022

A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker...
High | Unreviewed | CVE-2017-18120 was published May 14, 2022

The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky...
High | Unreviewed | CVE-2017-15330 was published May 14, 2022

The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote...
Critical | Unreviewed | CVE-2018-7263 was published May 14, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High | Unreviewed | CVE-2018-3560 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.