GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,211 advisories
Inappropriate implementation in iframe in Google Chrome prior to 77.0.3865.75 allowed a remote...
CVE-2019-25154 (Critical, Unreviewed) was published Jul 17, 2024
In J2eeFAST <=2.7, the backend function has unsafe filtering, which allows an attacker to trigger...
CVE-2024-45944 (Critical, Unreviewed) was published Oct 18, 2024
The devices are vulnerable to session hijacking due to insufficient entropy in its session ID...
CVE-2024-47945 (Critical, Unreviewed) was published Oct 15, 2024
Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This occurs when the application...
CVE-2024-48509 (Critical, Unreviewed) was published Oct 21, 2024
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an...
CVE-2024-9537 (Critical, Unreviewed) was published Oct 18, 2024
First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated...
CVE-2023-47213 (Critical, Unreviewed) was published Nov 16, 2023
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of...
CVE-2017-5464 (Critical, Unreviewed) was published May 14, 2022
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG...
CVE-2017-7786 (Critical, Unreviewed) was published May 14, 2022
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash...
CVE-2017-5465 (Critical, Unreviewed) was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to the result handler being held by a...
CVE-2017-5438 (Critical, Unreviewed) was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to a failure to propagate error...
CVE-2017-5440 (Critical, Unreviewed) was published May 14, 2022
An out-of-bounds read when an HTTP/2 connection to a server sends "DATA" frames with incorrect...
CVE-2017-5446 (Critical, Unreviewed) was published May 14, 2022
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex....
CVE-2017-5469 (Critical, Unreviewed) was published May 14, 2022
A use-after-free vulnerability in frame selection triggered by a combination of malicious script...
CVE-2017-5460 (Critical, Unreviewed) was published May 14, 2022
Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these...
CVE-2018-5188 (Critical, Unreviewed) was published May 14, 2022
A vulnerability can occur when capturing a media stream when the media source type is changed as...
CVE-2018-5156 (Critical, Unreviewed) was published May 14, 2022
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0...
CVE-2016-5277 (Critical, Unreviewed) was published May 14, 2022
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox...
CVE-2016-5281 (Critical, Unreviewed) was published May 14, 2022
A use-after-free vulnerability occurs during certain text input selection resulting in a...
CVE-2017-5432 (Critical, Unreviewed) was published May 14, 2022
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in...
CVE-2016-5270 (Critical, Unreviewed) was published May 14, 2022
Use-after-free while manipulating DOM events and removing audio elements due to errors in the...
CVE-2016-9899 (Critical, Unreviewed) was published May 14, 2022
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation...
CVE-2017-5433 (Critical, Unreviewed) was published May 14, 2022
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters...
CVE-2017-5439 (Critical, Unreviewed) was published May 14, 2022
The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to,...
CVE-2021-4434 (Critical, Unreviewed) was published Jan 17, 2024
An out-of-bounds read during the processing of glyph widths during text layout. This results in a...
CVE-2017-5447 (Critical, Unreviewed) was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.