GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
267 advisories
Filter by severity
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use...
High
Unreviewed
CVE-2017-0641
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (avc decoder). Product:...
High
Unreviewed
CVE-2017-0745
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libavc). Product: Android....
High
Unreviewed
CVE-2017-0723
was published
May 13, 2022
A denial of service vulnerability in the Android media framework (libavc). Product: Android....
Moderate
Unreviewed
CVE-2017-0735
was published
May 13, 2022
Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before...
Moderate
Unreviewed
CVE-2017-10972
was published
May 13, 2022
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0...
High
Unreviewed
CVE-2017-12736
was published
May 13, 2022
Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root...
Moderate
Unreviewed
CVE-2017-12847
was published
May 13, 2022
UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account,...
Moderate
Unreviewed
CVE-2017-13649
was published
May 13, 2022
An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product...
High
Unreviewed
CVE-2017-13153
was published
May 13, 2022
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a...
High
Unreviewed
CVE-2017-14609
was published
May 13, 2022
MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account,...
High
Unreviewed
CVE-2017-14102
was published
May 13, 2022
The daemon in P3Scan 3.0_rc1 and earlier creates a p3scan.pid file after dropping privileges to a...
Moderate
Unreviewed
CVE-2017-14681
was published
May 13, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in...
High
Unreviewed
CVE-2020-9863
was published
May 24, 2022
A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series...
Moderate
Unreviewed
CVE-2017-3820
was published
May 13, 2022
An issue with incorrect ownership model of "privateBrowsing" information exposed through...
Critical
Unreviewed
CVE-2017-5468
was published
May 13, 2022
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an...
Moderate
Unreviewed
CVE-2017-6267
was published
May 13, 2022
The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016...
High
Unreviewed
CVE-2017-8576
was published
May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
High
Unreviewed
CVE-2018-11943
was published
May 13, 2022
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The...
High
Unreviewed
CVE-2018-14678
was published
May 13, 2022
Improper memory initialization in Platform Sample/Silicon Reference firmware Intel(R) Server...
High
Unreviewed
CVE-2018-12204
was published
May 13, 2022
A memory initialization issue was addressed with improved memory handling. This issue affected...
Moderate
Unreviewed
CVE-2018-4351
was published
May 13, 2022
An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS...
High
Unreviewed
CVE-2018-6947
was published
May 13, 2022
External initialization of trusted variables or data stores vulnerability exists in WordPress...
High
Unreviewed
CVE-2022-43468
was published
Dec 7, 2022
A flaw possibility of race condition and incorrect initialization of the process id was found in...
High
Unreviewed
CVE-2020-35508
was published
May 24, 2022
Tokio reject_remote_clients configuration may get dropped when creating a Windows named pipe
Moderate
CVE-2023-22466
was published
for
tokio
(Rust)
Jan 6, 2023
ProTip!
Advisories are also available from the
GraphQL API