Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

206 advisories

Loading
Possible out of bounds access due to improper input validation during graphics profiling in... High Unreviewed
CVE-2021-35105 was published Apr 2, 2022
Possible buffer overflow to improper validation of hash segment of file while allocating memory... High Unreviewed
CVE-2021-35110 was published Apr 2, 2022
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP... Moderate Unreviewed
CVE-2022-0322 was published Mar 26, 2022
Possible out of bounds read due to improper typecasting while handling page fault for global... High Unreviewed
CVE-2021-35091 was published Jun 15, 2022
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that... High Unreviewed
CVE-2016-4709 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10... High Unreviewed
CVE-2016-7655 was published May 17, 2022
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that... High Unreviewed
CVE-2016-4710 was published May 17, 2022
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to... Moderate Unreviewed
CVE-2022-21786 was published Jul 7, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c... Critical Unreviewed
CVE-2017-9183 was published May 17, 2022
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and... High Unreviewed
CVE-2017-2962 was published May 17, 2022
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion... High Unreviewed
CVE-2017-2995 was published May 14, 2022
Memory corruption in display driver due to incorrect type casting while accessing the fence... High Unreviewed
CVE-2022-25715 was published Jan 9, 2023
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to... Critical Unreviewed
CVE-2019-2097 was published May 24, 2022
Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon... High Unreviewed
CVE-2022-22102 was published Sep 3, 2022
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X... Critical Unreviewed
CVE-2016-6992 was published May 13, 2022
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion... Critical Unreviewed
CVE-2018-4920 was published May 14, 2022
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt... High Unreviewed
CVE-2021-43537 was published Dec 9, 2021
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to... High Unreviewed
CVE-2020-7081 was published May 24, 2022
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override... Moderate Unreviewed
CVE-2020-13293 was published May 24, 2022
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or... High Unreviewed
CVE-2020-16103 was published May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer... Moderate Unreviewed
CVE-2021-25175 was published May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer... Moderate Unreviewed
CVE-2021-25177 was published May 24, 2022
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the... Moderate Unreviewed
CVE-2021-28275 was published Mar 24, 2022
Incorrect pointer argument passed to trusted application TA could result in un-intended memory... High Unreviewed
CVE-2021-1923 was published May 24, 2022
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a... High Unreviewed
CVE-2021-3578 was published Feb 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database