Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

445 advisories

Loading
Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON... High Unreviewed
CVE-2017-17320 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9165 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon... Critical Unreviewed
CVE-2018-3593 was published May 14, 2022
The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20... High Unreviewed
CVE-2018-7899 was published May 14, 2022
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local... High Unreviewed
CVE-2018-9336 was published May 14, 2022
jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which... High Unreviewed
CVE-2018-11416 was published May 14, 2022
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11... High Unreviewed
CVE-2017-6074 was published May 14, 2022
dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in... Moderate Unreviewed
CVE-2018-14524 was published May 14, 2022
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4... High Unreviewed
CVE-2017-8890 was published May 14, 2022
** DISPUTED ** The libfsntfs_security_descriptor_values_free function in... Moderate Unreviewed
CVE-2018-11730 was published May 14, 2022
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is... Critical Unreviewed
CVE-2017-16820 was published May 14, 2022
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in... High Unreviewed
CVE-2018-1000216 was published May 14, 2022
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26... Critical Unreviewed
CVE-2017-5334 was published May 14, 2022
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10... High Unreviewed
CVE-2016-8693 was published May 14, 2022
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic... Critical Unreviewed
CVE-2017-18201 was published May 14, 2022
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to... High Unreviewed
CVE-2018-17097 was published May 14, 2022
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... High Unreviewed
CVE-2018-11273 was published May 14, 2022
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... High Unreviewed
CVE-2018-11270 was published May 14, 2022
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... High Unreviewed
CVE-2018-11276 was published May 14, 2022
The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing... Critical Unreviewed
CVE-2016-8618 was published May 14, 2022
In copy_process of fork.c, there is possible memory corruption due to a double free. This could... High Unreviewed
CVE-2018-9513 was published May 14, 2022
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote... Moderate Unreviewed
CVE-2015-5203 was published May 14, 2022
In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655,... High Unreviewed
CVE-2018-11982 was published May 14, 2022
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the... High Unreviewed
CVE-2018-18718 was published May 14, 2022
Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD... High Unreviewed
CVE-2017-18297 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API