GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
445 advisories
Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON...
Severity: High | Unreviewed | CVE-2017-17320 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Severity: Critical | Unreviewed | CVE-2015-9165 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon...
Severity: Critical | Unreviewed | CVE-2018-3593 was published May 14, 2022
The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20...
Severity: High | Unreviewed | CVE-2018-7899 was published May 14, 2022
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local...
Severity: High | Unreviewed | CVE-2018-9336 was published May 14, 2022
jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which...
Severity: High | Unreviewed | CVE-2018-11416 was published May 14, 2022
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11...
Severity: High | Unreviewed | CVE-2017-6074 was published May 14, 2022
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in...
Severity: Moderate | Unreviewed | CVE-2018-14524 was published May 14, 2022
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4...
Severity: High | Unreviewed | CVE-2017-8890 was published May 14, 2022
** DISPUTED ** The libfsntfs_security_descriptor_values_free function in...
Severity: Moderate | Unreviewed | CVE-2018-11730 was published May 14, 2022
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is...
Severity: Critical | Unreviewed | CVE-2017-16820 was published May 14, 2022
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in...
Severity: High | Unreviewed | CVE-2018-1000216 was published May 14, 2022
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26...
Severity: Critical | Unreviewed | CVE-2017-5334 was published May 14, 2022
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10...
Severity: High | Unreviewed | CVE-2016-8693 was published May 14, 2022
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic...
Severity: Critical | Unreviewed | CVE-2017-18201 was published May 14, 2022
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to...
Severity: High | Unreviewed | CVE-2018-17097 was published May 14, 2022
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
Severity: High | Unreviewed | CVE-2018-11273 was published May 14, 2022
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
Severity: High | Unreviewed | CVE-2018-11270 was published May 14, 2022
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
Severity: High | Unreviewed | CVE-2018-11276 was published May 14, 2022
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing...
Severity: Critical | Unreviewed | CVE-2016-8618 was published May 14, 2022
In copy_process of fork.c, there is possible memory corruption due to a double free. This could...
Severity: High | Unreviewed | CVE-2018-9513 was published May 14, 2022
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote...
Severity: Moderate | Unreviewed | CVE-2015-5203 was published May 14, 2022
In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655,...
Severity: High | Unreviewed | CVE-2018-11982 was published May 14, 2022
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the...
Severity: High | Unreviewed | CVE-2018-18718 was published May 14, 2022
Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD...
Severity: High | Unreviewed | CVE-2017-18297 was published May 14, 2022