Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

484 advisories

Loading
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a... Critical Unreviewed
CVE-2017-16840 was published May 13, 2022
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib... Critical Unreviewed
CVE-2017-14122 was published May 13, 2022
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to... Critical Unreviewed
CVE-2016-6520 was published May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder,... Critical Unreviewed
CVE-2019-8280 was published May 13, 2022
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE... Critical Unreviewed
CVE-2019-8261 was published May 13, 2022
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper... Critical Unreviewed
CVE-2019-8265 was published May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder... Critical Unreviewed
CVE-2019-8264 was published May 13, 2022
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code,... Critical Unreviewed
CVE-2019-8260 was published May 13, 2022
An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an... Critical Unreviewed
CVE-2019-9025 was published May 13, 2022
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is... Critical Unreviewed
CVE-2017-2620 was published May 13, 2022
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an... Critical Unreviewed
CVE-2017-2615 was published May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability... Critical Unreviewed
CVE-2017-11213 was published May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015... Critical Unreviewed
CVE-2017-11306 was published May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability... Critical Unreviewed
CVE-2017-3112 was published May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015... Critical Unreviewed
CVE-2017-11307 was published May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015... Critical Unreviewed
CVE-2017-11250 was published May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015... Critical Unreviewed
CVE-2017-11240 was published May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015... Critical Unreviewed
CVE-2017-11253 was published May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability... Critical Unreviewed
CVE-2017-3114 was published May 13, 2022
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex*... Critical Unreviewed
CVE-2018-20721 was published May 13, 2022
The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have... Critical Unreviewed
CVE-2016-10195 was published May 13, 2022
An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In... Critical Unreviewed
CVE-2017-9054 was published May 13, 2022
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer... Critical Unreviewed
CVE-2017-9053 was published May 13, 2022
An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata()... Critical Unreviewed
CVE-2017-9055 was published May 13, 2022
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac,... Critical Unreviewed
CVE-2017-5053 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database