Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,898 advisories

Loading
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments... Critical Unreviewed
CVE-2020-6016 was published May 24, 2022
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A... Critical Unreviewed
CVE-2017-2885 was published May 13, 2022
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and... Critical Unreviewed
CVE-2017-9228 was published May 14, 2022
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers... Critical Unreviewed
CVE-2022-29077 was published Apr 26, 2022
An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam... Critical Unreviewed
CVE-2018-4014 was published May 24, 2022
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing... Critical Unreviewed
CVE-2017-2894 was published May 13, 2022
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET... Critical Unreviewed
CVE-2019-12256 was published May 24, 2022
A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems,... Critical Unreviewed
CVE-2021-21961 was published Feb 9, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-4275 was published May 14, 2022
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of... Critical Unreviewed
CVE-2019-12261 was published May 24, 2022
Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are... Critical Unreviewed
CVE-2021-32941 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-15800 was published May 24, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-4276 was published May 14, 2022
An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav... Critical Unreviewed
CVE-2018-4016 was published May 24, 2022
An exploitable code execution vulnerability exists in the HTTP request-parsing function of the... Critical Unreviewed
CVE-2018-4029 was published May 24, 2022
An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the... Critical Unreviewed
CVE-2018-4023 was published May 24, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-6922 was published May 14, 2022
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when... Critical Unreviewed
CVE-2021-3185 was published May 24, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed
CVE-2016-4274 was published May 14, 2022
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are... Critical Unreviewed
CVE-2019-12900 was published May 24, 2022
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is... Critical Unreviewed
CVE-2019-12260 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Critical Unreviewed
CVE-2020-25226 was published May 24, 2022
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in... Critical Unreviewed
CVE-2021-29998 was published May 24, 2022
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included... Critical Unreviewed
CVE-2021-39275 was published May 24, 2022
A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb... Critical Unreviewed
CVE-2022-28711 was published Apr 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database