GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
227 advisories
Filter by severity
A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local...
High
Unreviewed
CVE-2022-41668
was published
Nov 4, 2022
com.amazon.redshift:redshift-jdbc42 vulnerable to remote command execution
High
CVE-2022-41828
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
Oct 12, 2022
Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation
High
GHSA-5c6q-f783-h888
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
Sep 30, 2022
•
withdrawn
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases,...
High
Unreviewed
CVE-2020-10735
was published
Sep 10, 2022
Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon...
High
Unreviewed
CVE-2022-22102
was published
Sep 3, 2022
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to...
Moderate
Unreviewed
CVE-2022-21786
was published
Jul 7, 2022
pg-native and libpq vulnerable to uncontrolled resource consumption
High
CVE-2022-25852
was published
for
libpq
(npm)
Jun 18, 2022
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte...
High
Unreviewed
CVE-2022-32547
was published
Jun 17, 2022
Possible out of bounds read due to improper typecasting while handling page fault for global...
High
Unreviewed
CVE-2021-35091
was published
Jun 15, 2022
Incorrect pointer argument passed to trusted application TA could result in un-intended memory...
High
Unreviewed
CVE-2021-1923
was published
May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer...
Moderate
Unreviewed
CVE-2021-25175
was published
May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer...
Moderate
Unreviewed
CVE-2021-25177
was published
May 24, 2022
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or...
High
Unreviewed
CVE-2020-16103
was published
May 24, 2022
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override...
Moderate
Unreviewed
CVE-2020-13293
was published
May 24, 2022
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to...
High
Unreviewed
CVE-2020-7081
was published
May 24, 2022
Forcepoint NGFW Security Management Center (SMC) versions lower than 6.5.12 or 6.7.1 have a rare...
Moderate
Unreviewed
CVE-2019-6147
was published
May 24, 2022
An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A...
High
Unreviewed
CVE-2019-5053
was published
May 24, 2022
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2019-12693
was published
May 24, 2022
A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl...
Critical
Unreviewed
CVE-2016-7398
was published
May 24, 2022
Incorrect Privilege Assignment in Jenkins Script Security Plugin
High
CVE-2019-10355
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 24, 2022
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to...
High
Unreviewed
CVE-2018-6157
was published
May 24, 2022
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to...
Critical
Unreviewed
CVE-2019-2097
was published
May 24, 2022
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and...
High
Unreviewed
CVE-2017-2962
was published
May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical
Unreviewed
CVE-2017-9183
was published
May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10...
High
Unreviewed
CVE-2016-7655
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API