Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
The kstring integration in gix-attributes is unsound Low
GHSA-cx7h-h87r-jpgr was published for gix-attributes (Rust) Jul 25, 2024
A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security... Moderate Unreviewed
CVE-2019-12677 was published May 24, 2022
A security regression of CVE-2019-9636 was discovered in python since commit... Critical Unreviewed
CVE-2019-10160 was published May 24, 2022
codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01... High Unreviewed
CVE-2016-3827 was published May 17, 2022
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain... High Unreviewed
CVE-2016-3829 was published May 17, 2022
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and... High Unreviewed
CVE-2016-3828 was published May 17, 2022
service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android... Critical Unreviewed
CVE-2016-6691 was published May 17, 2022
A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of... Moderate Unreviewed
CVE-2018-7173 was published May 14, 2022
An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2.... Moderate Unreviewed
CVE-2018-7289 was published May 14, 2022
SAP NetWeaver Application Server Java Web Container and HTTP Service (Engine API, from 7.10 to 7... Moderate Unreviewed
CVE-2018-2415 was published May 13, 2022
Update unsound DrainFilter and RString::retain High
CVE-2020-36213 was published for abi_stable (Rust) Aug 25, 2021
Reflected cross-site scripting in development mode handler in Vaadin 14, 15-19 Low
CVE-2021-33604 was published for com.vaadin:vaadin-bom (Maven) Jun 28, 2021
Reflected cross-site scripting in development mode handler in Vaadin Low
GHSA-8vfw-v2jv-9hwc was published for com.vaadin:flow-server (Maven) Jun 28, 2021
restforce vulnerable to Improper Input Validation Critical
CVE-2018-3777 was published for restforce (RubyGems) Aug 3, 2018
ProTip! Advisories are also available from the GraphQL API