Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

5,890 advisories

Loading
XStream can cause a Denial of Service by injecting deeply nested objects raising a stack overflow High
CVE-2022-40151 was published for com.thoughtworks.xstream:xstream (Maven) Dec 30, 2022
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0773 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua High
CVE-2018-12086 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 16, 2018
UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow High
CVE-2018-11778 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0592 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0611 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0769 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0771 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0609 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Data races in aovec High
CVE-2020-36207 was published for aovec (Rust) Aug 25, 2021
Out-of-bounds Write in zlib affects Nokogiri High
GHSA-v6gp-9mmm-c6p5 was published for nokogiri (RubyGems) Apr 11, 2022
Talos vulnerable dependency due to race condition in Linux kernel's IP framework XFRM High
GHSA-34vw-m4rh-r36p was published for github.com/talos-systems/talos (Go) Sep 16, 2022
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before... High Unreviewed
CVE-2022-41742 was published Oct 20, 2022
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before... High Unreviewed
CVE-2022-41741 was published Oct 20, 2022
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... High Unreviewed
CVE-2017-16302 was published Jan 12, 2023
The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF... High Unreviewed
CVE-2022-3161 was published Jan 13, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... High Unreviewed
CVE-2017-16267 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... High Unreviewed
CVE-2017-16301 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... High Unreviewed
CVE-2017-16260 was published Jan 12, 2023
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the ... High Unreviewed
CVE-2017-16257 was published Jan 12, 2023
Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of... High Unreviewed
CVE-2022-3087 was published Jan 17, 2023
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe... High Unreviewed
CVE-2016-4152 was published May 13, 2022
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe... High Unreviewed
CVE-2016-4155 was published May 13, 2022
xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based... High Unreviewed
CVE-2022-23850 was published Jan 24, 2022
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an... High Unreviewed
CVE-2022-25293 was published Feb 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database