Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,840 advisories

Loading
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments... Critical Unreviewed
CVE-2020-6016 was published May 24, 2022
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A... Critical Unreviewed
CVE-2017-2885 was published May 13, 2022
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and... Critical Unreviewed
CVE-2017-9228 was published May 14, 2022
The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent... Critical Unreviewed
CVE-2017-8923 was published May 14, 2022
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers... Critical Unreviewed
CVE-2022-29077 was published Apr 26, 2022
An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam... Critical Unreviewed
CVE-2018-4014 was published May 24, 2022
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET... Critical Unreviewed
CVE-2019-12256 was published May 24, 2022
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing... Critical Unreviewed
CVE-2017-2894 was published May 13, 2022
A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems,... Critical Unreviewed
CVE-2021-21961 was published Feb 9, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-4275 was published May 14, 2022
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of... Critical Unreviewed
CVE-2019-12261 was published May 24, 2022
Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are... Critical Unreviewed
CVE-2021-32941 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-15800 was published May 24, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-4276 was published May 14, 2022
An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the... Critical Unreviewed
CVE-2018-4023 was published May 24, 2022
An exploitable code execution vulnerability exists in the HTTP request-parsing function of the... Critical Unreviewed
CVE-2018-4029 was published May 24, 2022
An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav... Critical Unreviewed
CVE-2018-4016 was published May 24, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-6922 was published May 14, 2022
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when... Critical Unreviewed
CVE-2021-3185 was published May 24, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-4274 was published May 14, 2022
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are... Critical Unreviewed
CVE-2019-12900 was published May 24, 2022
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is... Critical Unreviewed
CVE-2019-12260 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-25226 was published May 24, 2022
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in... Critical Unreviewed
CVE-2021-29998 was published May 24, 2022
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included... Critical Unreviewed
CVE-2021-39275 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API