GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
184 advisories
Filter by severity
crack does not properly restrict casts of string values
High
CVE-2013-1800
was published
for
crack
(RubyGems)
Oct 24, 2017
extlib does not properly restrict casts of string values
High
CVE-2013-1802
was published
for
extlib
(RubyGems)
Oct 24, 2017
Dangling reference in flatbuffers
High
CVE-2020-35864
was published
for
flatbuffers
(Rust)
Aug 25, 2021
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked`
High
CVE-2020-35865
was published
for
os_str_bytes
(Rust)
Aug 25, 2021
Cachet vulnerable to forced reinstall
High
CVE-2021-39173
was published
for
cachethq/cachet
(Composer)
Aug 30, 2021
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt...
High
Unreviewed
CVE-2021-43537
was published
Dec 9, 2021
The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor...
High
Unreviewed
CVE-2021-39989
was published
Jan 4, 2022
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and...
High
Unreviewed
CVE-2021-30300
was published
Jan 14, 2022
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a...
High
Unreviewed
CVE-2021-3578
was published
Feb 17, 2022
Improperly checked metadata on tools/armour itemstacks received from the client
High
GHSA-46c5-pfj8-fv65
was published
for
pocketmine/pocketmine-mp
(Composer)
Mar 18, 2022
Possible buffer overflow to improper validation of hash segment of file while allocating memory...
High
Unreviewed
CVE-2021-35110
was published
Apr 2, 2022
Possible out of bounds access due to improper input validation during graphics profiling in...
High
Unreviewed
CVE-2021-35105
was published
Apr 2, 2022
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049...
High
Unreviewed
CVE-2018-3843
was published
May 13, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion...
High
Unreviewed
CVE-2017-3106
was published
May 13, 2022
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions...
High
Unreviewed
CVE-2015-5219
was published
May 13, 2022
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This...
High
Unreviewed
CVE-2018-9568
was published
May 13, 2022
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0...
High
Unreviewed
CVE-2010-1822
was published
May 13, 2022
ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron...
High
Unreviewed
CVE-2018-8076
was published
May 13, 2022
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45...
High
Unreviewed
CVE-2016-5263
was published
May 13, 2022
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a...
High
Unreviewed
CVE-2018-14379
was published
May 13, 2022
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a...
High
Unreviewed
CVE-2018-15910
was published
May 13, 2022
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a...
High
Unreviewed
CVE-2018-16513
was published
May 13, 2022
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could...
High
Unreviewed
CVE-2018-15909
was published
May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High
Unreviewed
CVE-2018-9941
was published
May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High
Unreviewed
CVE-2018-9942
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API