GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
484 advisories
Filter by severity
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a...
Critical
Unreviewed
CVE-2017-16840
was published
May 13, 2022
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib...
Critical
Unreviewed
CVE-2017-14122
was published
May 13, 2022
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to...
Critical
Unreviewed
CVE-2016-6520
was published
May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder,...
Critical
Unreviewed
CVE-2019-8280
was published
May 13, 2022
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE...
Critical
Unreviewed
CVE-2019-8261
was published
May 13, 2022
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper...
Critical
Unreviewed
CVE-2019-8265
was published
May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder...
Critical
Unreviewed
CVE-2019-8264
was published
May 13, 2022
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code,...
Critical
Unreviewed
CVE-2019-8260
was published
May 13, 2022
An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an...
Critical
Unreviewed
CVE-2019-9025
was published
May 13, 2022
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is...
Critical
Unreviewed
CVE-2017-2620
was published
May 13, 2022
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an...
Critical
Unreviewed
CVE-2017-2615
was published
May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability...
Critical
Unreviewed
CVE-2017-11213
was published
May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015...
Critical
Unreviewed
CVE-2017-11306
was published
May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability...
Critical
Unreviewed
CVE-2017-3112
was published
May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015...
Critical
Unreviewed
CVE-2017-11307
was published
May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015...
Critical
Unreviewed
CVE-2017-11250
was published
May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015...
Critical
Unreviewed
CVE-2017-11240
was published
May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015...
Critical
Unreviewed
CVE-2017-11253
was published
May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability...
Critical
Unreviewed
CVE-2017-3114
was published
May 13, 2022
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex*...
Critical
Unreviewed
CVE-2018-20721
was published
May 13, 2022
The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have...
Critical
Unreviewed
CVE-2016-10195
was published
May 13, 2022
An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In...
Critical
Unreviewed
CVE-2017-9054
was published
May 13, 2022
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer...
Critical
Unreviewed
CVE-2017-9053
was published
May 13, 2022
An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata()...
Critical
Unreviewed
CVE-2017-9055
was published
May 13, 2022
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac,...
Critical
Unreviewed
CVE-2017-5053
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API