GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
171 advisories
Filter by severity
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving...
High
Unreviewed
CVE-2019-3565
was published
May 24, 2022
Java Facebook Thrift servers would not error upon receiving messages with containers of fields of...
High
Unreviewed
CVE-2019-3559
was published
May 24, 2022
Python Facebook Thrift servers would not error upon receiving messages with containers of fields...
High
Unreviewed
CVE-2019-3558
was published
May 24, 2022
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers...
High
Unreviewed
CVE-2019-3552
was published
May 24, 2022
Huawei smart phones LYO-L21 with software LYO-L21C479B107, LYO-L21C479B107 have a privilege...
High
Unreviewed
CVE-2017-17172
was published
May 13, 2022
In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a...
High
Unreviewed
CVE-2017-13199
was published
May 13, 2022
The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12...
High
Unreviewed
CVE-2017-11472
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:...
High
Unreviewed
CVE-2017-0759
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android....
High
Unreviewed
CVE-2017-0762
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:...
High
Unreviewed
CVE-2017-0760
was published
May 13, 2022
An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local...
High
Unreviewed
CVE-2017-0622
was published
May 13, 2022
Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,...
High
Unreviewed
CVE-2017-0193
was published
May 13, 2022
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet...
High
Unreviewed
CVE-2017-6678
was published
May 13, 2022
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due...
High
Unreviewed
CVE-2017-7496
was published
May 13, 2022
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the...
High
Unreviewed
CVE-2017-7518
was published
May 13, 2022
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP...
High
Unreviewed
CVE-2018-0316
was published
May 13, 2022
Failure condition is not handled properly and the correct error code is not returned. It could...
High
Unreviewed
CVE-2018-11921
was published
May 13, 2022
A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco...
High
Unreviewed
CVE-2018-0155
was published
May 13, 2022
A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software...
High
Unreviewed
CVE-2017-3832
was published
May 13, 2022
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP...
High
Unreviewed
CVE-2019-6575
was published
May 13, 2022
Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user...
High
Unreviewed
CVE-2021-0190
was published
May 13, 2022
Local privilege escalation in Windows products of ESET allows user who is logged into the system...
High
Unreviewed
CVE-2021-37851
was published
May 12, 2022
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to...
High
Unreviewed
CVE-2022-27167
was published
May 11, 2022
In aee driver, there is a possible reference count mistake due to incorrect error handling. This...
High
Unreviewed
CVE-2022-20088
was published
May 4, 2022
In ion, there is a possible use after free due to incorrect error handling. This could lead to...
High
Unreviewed
CVE-2022-20111
was published
May 4, 2022
ProTip!
Advisories are also available from the
GraphQL API