GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
207 advisories
Filter by severity
Possible out of bounds access due to improper input validation during graphics profiling in...
High
Unreviewed
CVE-2021-35105
was published
Apr 2, 2022
Possible buffer overflow to improper validation of hash segment of file while allocating memory...
High
Unreviewed
CVE-2021-35110
was published
Apr 2, 2022
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP...
Moderate
Unreviewed
CVE-2022-0322
was published
Mar 26, 2022
Possible out of bounds read due to improper typecasting while handling page fault for global...
High
Unreviewed
CVE-2021-35091
was published
Jun 15, 2022
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that...
High
Unreviewed
CVE-2016-4709
was published
May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10...
High
Unreviewed
CVE-2016-7655
was published
May 17, 2022
WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that...
High
Unreviewed
CVE-2016-4710
was published
May 17, 2022
In audio DSP, there is a possible memory corruption due to improper casting. This could lead to...
Moderate
Unreviewed
CVE-2022-21786
was published
Jul 7, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c...
Critical
Unreviewed
CVE-2017-9183
was published
May 17, 2022
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and...
High
Unreviewed
CVE-2017-2962
was published
May 17, 2022
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion...
High
Unreviewed
CVE-2017-2995
was published
May 14, 2022
Memory corruption in display driver due to incorrect type casting while accessing the fence...
High
Unreviewed
CVE-2022-25715
was published
Jan 9, 2023
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to...
Critical
Unreviewed
CVE-2019-2097
was published
May 24, 2022
Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon...
High
Unreviewed
CVE-2022-22102
was published
Sep 3, 2022
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X...
Critical
Unreviewed
CVE-2016-6992
was published
May 13, 2022
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion...
Critical
Unreviewed
CVE-2018-4920
was published
May 14, 2022
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt...
High
Unreviewed
CVE-2021-43537
was published
Dec 9, 2021
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to...
High
Unreviewed
CVE-2020-7081
was published
May 24, 2022
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override...
Moderate
Unreviewed
CVE-2020-13293
was published
May 24, 2022
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or...
High
Unreviewed
CVE-2020-16103
was published
May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer...
Moderate
Unreviewed
CVE-2021-25175
was published
May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer...
Moderate
Unreviewed
CVE-2021-25177
was published
May 24, 2022
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the...
Moderate
Unreviewed
CVE-2021-28275
was published
Mar 24, 2022
Incorrect pointer argument passed to trusted application TA could result in un-intended memory...
High
Unreviewed
CVE-2021-1923
was published
May 24, 2022
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a...
High
Unreviewed
CVE-2021-3578
was published
Feb 17, 2022
ProTip!
Advisories are also available from the
GraphQL API