GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
5,895 advisories
Filter by severity
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow
High
CVE-2022-40151
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Dec 30, 2022
High severity vulnerability that affects Microsoft.ChakraCore
High
CVE-2019-0773
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
High severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua
High
CVE-2018-12086
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Oct 16, 2018
UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow
High
CVE-2018-11778
was published
for
org.apache.ranger:ranger
(Maven)
Oct 17, 2018
High severity vulnerability that affects Microsoft.ChakraCore
High
CVE-2019-0592
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore
High
CVE-2019-0611
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore
High
CVE-2019-0769
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore
High
CVE-2019-0771
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore
High
CVE-2019-0609
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
Out-of-bounds Write in zlib affects Nokogiri
High
GHSA-v6gp-9mmm-c6p5
was published
for
nokogiri
(RubyGems)
Apr 11, 2022
Talos vulnerable dependency due to race condition in Linux kernel's IP framework XFRM
High
GHSA-34vw-m4rh-r36p
was published
for
github.com/talos-systems/talos
(Go)
Sep 16, 2022
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before...
High
Unreviewed
CVE-2022-41742
was published
Oct 20, 2022
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before...
High
Unreviewed
CVE-2022-41741
was published
Oct 20, 2022
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High
Unreviewed
CVE-2017-16302
was published
Jan 12, 2023
The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF...
High
Unreviewed
CVE-2022-3161
was published
Jan 13, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High
Unreviewed
CVE-2017-16267
was published
Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High
Unreviewed
CVE-2017-16301
was published
Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High
Unreviewed
CVE-2017-16257
was published
Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ...
High
Unreviewed
CVE-2017-16260
was published
Jan 12, 2023
Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of...
High
Unreviewed
CVE-2022-3087
was published
Jan 17, 2023
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe...
High
Unreviewed
CVE-2016-4152
was published
May 13, 2022
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe...
High
Unreviewed
CVE-2016-4155
was published
May 13, 2022
xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based...
High
Unreviewed
CVE-2022-23850
was published
Jan 24, 2022
A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an...
High
Unreviewed
CVE-2022-25292
was published
Feb 25, 2022
ProTip!
Advisories are also available from the
GraphQL API