GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
Unsound casting in flatbuffers
Critical
CVE-2019-25004
was published
for
flatbuffers
(Rust)
Aug 25, 2021
Unaligned memory access in rand_core
Critical
CVE-2020-25576
was published
for
rand_core
(Rust)
Aug 25, 2021
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X...
Critical
Unreviewed
CVE-2016-6992
was published
May 13, 2022
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion...
Critical
Unreviewed
CVE-2018-4944
was published
May 13, 2022
MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to...
Critical
Unreviewed
CVE-2018-14403
was published
May 13, 2022
Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006...
Critical
Unreviewed
CVE-2018-12812
was published
May 14, 2022
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful...
Critical
Unreviewed
CVE-2018-15981
was published
May 14, 2022
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion...
Critical
Unreviewed
CVE-2018-4920
was published
May 14, 2022
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection...
Critical
Unreviewed
CVE-2016-7979
was published
May 14, 2022
Improper Input Validation in IpMatcher
Critical
CVE-2021-33318
was published
for
IpMatcher
(NuGet)
May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical
Unreviewed
CVE-2017-9183
was published
May 17, 2022
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to...
Critical
Unreviewed
CVE-2019-2097
was published
May 24, 2022
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl...
Critical
Unreviewed
CVE-2016-7398
was published
May 24, 2022
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue...
Critical
Unreviewed
CVE-2022-3979
was published
Nov 14, 2022
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of...
Critical
Unreviewed
CVE-2022-43663
was published
Mar 20, 2023
ProTip!
Advisories are also available from the
GraphQL API