Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
SpiceDB calls to LookupResources using LookupResources2 with caveats may return context is missing when it is not Low
CVE-2024-48909 was published for github.com/authzed/spicedb (Go) Oct 14, 2024
The kstring integration in gix-attributes is unsound Low
GHSA-cx7h-h87r-jpgr was published for gix-attributes (Rust) Jul 25, 2024
A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security... Moderate Unreviewed
CVE-2019-12677 was published May 24, 2022
A security regression of CVE-2019-9636 was discovered in python since commit... Critical Unreviewed
CVE-2019-10160 was published May 24, 2022
codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01... High Unreviewed
CVE-2016-3827 was published May 17, 2022
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and... High Unreviewed
CVE-2016-3828 was published May 17, 2022
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain... High Unreviewed
CVE-2016-3829 was published May 17, 2022
service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android... Critical Unreviewed
CVE-2016-6691 was published May 17, 2022
A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of... Moderate Unreviewed
CVE-2018-7173 was published May 14, 2022
An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2.... Moderate Unreviewed
CVE-2018-7289 was published May 14, 2022
SAP NetWeaver Application Server Java Web Container and HTTP Service (Engine API, from 7.10 to 7... Moderate Unreviewed
CVE-2018-2415 was published May 13, 2022
Update unsound DrainFilter and RString::retain High
CVE-2020-36213 was published for abi_stable (Rust) Aug 25, 2021
Reflected cross-site scripting in development mode handler in Vaadin 14, 15-19 Low
CVE-2021-33604 was published for com.vaadin:vaadin-bom (Maven) Jun 28, 2021
Reflected cross-site scripting in development mode handler in Vaadin Low
GHSA-8vfw-v2jv-9hwc was published for com.vaadin:flow-server (Maven) Jun 28, 2021
restforce vulnerable to Improper Input Validation Critical
CVE-2018-3777 was published for restforce (RubyGems) Aug 3, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database