Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

390 advisories

Loading
ChakraCore RCE Vulnerability High
CVE-2018-8298 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in... High Unreviewed
CVE-2018-8279 was published May 13, 2022
ChakraCore RCE Vulnerability High
CVE-2018-8229 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore RCE Vulnerability High
CVE-2018-8133 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X... Critical Unreviewed
CVE-2016-6992 was published May 13, 2022
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe... High Unreviewed
CVE-2016-4149 was published May 13, 2022
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0... High Unreviewed
CVE-2017-5116 was published May 13, 2022
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and... High Unreviewed
CVE-2017-5108 was published May 13, 2022
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0... High Unreviewed
CVE-2017-5070 was published May 13, 2022
Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and... High Unreviewed
CVE-2017-5057 was published May 13, 2022
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and... High Unreviewed
CVE-2017-5059 was published May 13, 2022
Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac,... Moderate Unreviewed
CVE-2017-5094 was published May 13, 2022
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure,... High Unreviewed
CVE-2017-11292 was published May 13, 2022
Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash... High Unreviewed
CVE-2022-30557 was published May 12, 2022
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac;... High Unreviewed
CVE-2010-0258 was published May 2, 2022
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to... Moderate Unreviewed
CVE-2012-4512 was published Apr 23, 2022
Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to... High Unreviewed
CVE-2022-0457 was published Apr 6, 2022
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker... High Unreviewed
CVE-2022-0795 was published Apr 6, 2022
Type Confusion in LiveHelperChat High
CVE-2022-1176 was published for remdex/livehelperchat (Composer) Apr 1, 2022
Firebase PHP-JWT key/algorithm type confusion Critical
CVE-2021-46743 was published for firebase/php-jwt (Composer) Mar 30, 2022
llupa
Type Confusion in ImpressCMS Critical
CVE-2021-26600 was published for impresscms/impresscms (Composer) Mar 29, 2022
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS... High Unreviewed
CVE-2022-22661 was published Mar 19, 2022
There is a vulnerability of accessing resources using an incompatible type (type confusion) in... High Unreviewed
CVE-2021-40061 was published Mar 11, 2022
njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a... Critical Unreviewed
CVE-2021-46463 was published Feb 15, 2022
Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to... High Unreviewed
CVE-2022-0102 was published Feb 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database