GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,414

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,376 advisories

Filter by severity

Sort by

Least recently updated

DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP... Critical Unreviewed

CVE-2018-18439 was published May 14, 2022

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption... Critical Unreviewed

CVE-2017-2999 was published May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed

CVE-2016-4240 was published May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed

CVE-2016-4235 was published May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed

CVE-2016-4239 was published May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed

CVE-2016-4246 was published May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed

CVE-2016-4244 was published May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed

CVE-2016-4245 was published May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X... Critical Unreviewed

CVE-2016-4242 was published May 14, 2022

In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow. Critical Unreviewed

CVE-2019-8996 was published May 14, 2022

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and... Critical Unreviewed

CVE-2016-0981 was published May 17, 2022

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and... Critical Unreviewed

CVE-2016-0964 was published May 17, 2022

In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an... Critical Unreviewed

CVE-2021-39708 was published Mar 17, 2022

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... Critical Unreviewed

CVE-2021-44496 was published Apr 16, 2022

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which... Critical Unreviewed

CVE-2016-4303 was published May 13, 2022

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\")... Critical Unreviewed

CVE-2016-1283 was published May 13, 2022

An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A... Critical Unreviewed

CVE-2017-2885 was published May 13, 2022

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6... Critical Unreviewed

CVE-2016-4544 was published May 14, 2022

Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and... Critical Unreviewed

CVE-2016-10160 was published May 14, 2022

The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12... Critical Unreviewed

CVE-2016-7480 was published May 14, 2022

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing... Critical Unreviewed

CVE-2017-2894 was published May 13, 2022

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed

CVE-2016-4275 was published May 14, 2022

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of... Critical Unreviewed

CVE-2019-12261 was published May 24, 2022

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed

CVE-2016-4276 was published May 14, 2022

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... Critical Unreviewed

CVE-2016-6922 was published May 14, 2022

Previous 1 2 3 4 5 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,376 advisories