Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,330
Erlang
31
GitHub Actions
21
Go
2,091
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

104 advisories

Loading
The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016... High Unreviewed
CVE-2017-8576 was published May 13, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in... High Unreviewed
CVE-2020-9863 was published May 24, 2022
MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account,... High Unreviewed
CVE-2017-14102 was published May 13, 2022
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a... High Unreviewed
CVE-2017-14609 was published May 13, 2022
An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product... High Unreviewed
CVE-2017-13153 was published May 13, 2022
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0... High Unreviewed
CVE-2017-12736 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (avc decoder). Product:... High Unreviewed
CVE-2017-0745 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libavc). Product: Android.... High Unreviewed
CVE-2017-0723 was published May 13, 2022
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use... High Unreviewed
CVE-2017-0641 was published May 13, 2022
A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure... High Unreviewed
CVE-2017-12262 was published May 13, 2022
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal... High Unreviewed
CVE-2016-9594 was published May 13, 2022
A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow... High Unreviewed
CVE-2019-1840 was published May 13, 2022
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization... High Unreviewed
CVE-2011-3927 was published May 13, 2022
The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39... High Unreviewed
CVE-2011-4087 was published May 13, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in... High Unreviewed
CVE-2019-6230 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was... High Unreviewed
CVE-2018-7419 was published May 13, 2022
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage... High Unreviewed
CVE-2018-10115 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector... High Unreviewed
CVE-2018-16058 was published May 13, 2022
LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization... High Unreviewed
CVE-2018-20023 was published May 13, 2022
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665:... High Unreviewed
CVE-2018-20022 was published May 13, 2022
UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows... High Unreviewed
CVE-2019-8277 was published May 13, 2022
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote... High Unreviewed
CVE-2016-9446 was published May 13, 2022
Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10,... High Unreviewed
CVE-2020-8744 was published May 24, 2022
pgjdbc Does Not Check Class Instantiation when providing Plugin Classes High
CVE-2022-21724 was published for org.postgresql:postgresql (Maven) Feb 2, 2022
iSafeBlue
Failure to validate VM_HSAVE_PA during SNP_INIT may result in a loss of memory integrity. High Unreviewed
CVE-2021-26326 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database