GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,840 advisories
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by...
Critical, Unreviewed. CVE-2016-7948 was published May 17, 2022

Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out...
Critical, Unreviewed. CVE-2016-7947 was published May 17, 2022

JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote...
Critical, Unreviewed. CVE-2017-5949 was published May 17, 2022

Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow...
Critical, Unreviewed. CVE-2017-9431 was published May 17, 2022

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in...
Critical, Unreviewed. CVE-2022-32032 was published Jul 2, 2022

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the...
Critical, Unreviewed. CVE-2022-4873 was published Jan 11, 2023

Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
Critical, Unreviewed. CVE-2022-32386 was published Jul 7, 2022

Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
Critical, Unreviewed. CVE-2022-32383 was published Jul 7, 2022

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core...
Critical, Unreviewed. CVE-2017-7861 was published May 17, 2022

The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to...
Critical, Unreviewed. CVE-2016-7950 was published May 17, 2022

An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace...
Critical, Unreviewed. CVE-2018-12714 was published May 14, 2022

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg...
Critical, Unreviewed. CVE-2022-34608 was published Jul 21, 2022

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter...
Critical, Unreviewed. CVE-2022-34605 was published Jul 21, 2022

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList...
Critical, Unreviewed. CVE-2022-34603 was published Jul 21, 2022

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app.
Critical, Unreviewed. CVE-2022-34610 was published Jul 21, 2022

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter...
Critical, Unreviewed. CVE-2022-34604 was published Jul 21, 2022

Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by...
Critical, Unreviewed. CVE-2017-9432 was published May 17, 2022

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x through 5.0.11 allows...
Critical, Unreviewed. CVE-2019-11683 was published May 24, 2022

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
Critical, Unreviewed. CVE-2017-16281 was published Jan 12, 2023

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Critical, Unreviewed. CVE-2016-4172 was published May 14, 2022

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and...
Critical, Unreviewed. CVE-2017-9225 was published May 17, 2022

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow...
Critical, Unreviewed. CVE-2017-7859 was published May 17, 2022

Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005...
Critical, Unreviewed. CVE-2022-2587 was published Aug 13, 2022

pdftojson commit 94204bb was discovered to contain a stack overflow via the component Object:...
Critical, Unreviewed. CVE-2022-44108 was published Dec 20, 2022

In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds...
Critical, Unreviewed. CVE-2022-20229 was published Jul 14, 2022