GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,161
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104 advisories
Filter by severity
The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2...
Low
Unreviewed
CVE-2011-0904
was published
May 17, 2022
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java...
Low
Unreviewed
CVE-2011-0311
was published
May 17, 2022
Bootloader contains a vulnerability in the NV3P server where any user with physical access...
Low
Unreviewed
CVE-2021-1111
was published
May 24, 2022
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw...
Low
Unreviewed
CVE-2021-20239
was published
May 24, 2022
Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0...
Low
Unreviewed
CVE-2016-0385
was published
May 17, 2022
There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before...
Low
Unreviewed
CVE-2017-9139
was published
May 17, 2022
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion...
Low
Unreviewed
CVE-2012-1164
was published
May 17, 2022
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3...
Low
Unreviewed
CVE-2014-1647
was published
May 17, 2022
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3...
Low
Unreviewed
CVE-2014-1646
was published
May 17, 2022
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running...
Low
Unreviewed
CVE-2012-6618
was published
May 17, 2022
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause...
Low
Unreviewed
CVE-2011-0524
was published
May 17, 2022
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend...
Low
Unreviewed
CVE-2013-4261
was published
May 17, 2022
Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated...
Low
Unreviewed
CVE-2012-1344
was published
May 17, 2022
The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the...
Low
Unreviewed
CVE-2011-4098
was published
May 17, 2022
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not...
Low
Unreviewed
CVE-2012-2394
was published
May 17, 2022
Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows remote authenticated users to...
Low
Unreviewed
CVE-2012-1370
was published
May 17, 2022
Improper validation for loop variable received from firmware can lead to out of bound access in...
Low
Unreviewed
CVE-2019-10535
was published
May 24, 2022
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS...
Low
Unreviewed
CVE-2019-8798
was published
May 24, 2022
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service...
Low
Unreviewed
CVE-2020-0675
was published
May 24, 2022
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP...
Low
Unreviewed
CVE-2020-5826
was published
May 24, 2022
An information disclosure vulnerability exists in the way that the Windows Graphics Device...
Low
Unreviewed
CVE-2020-0744
was published
May 24, 2022
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service...
Low
Unreviewed
CVE-2020-0677
was published
May 24, 2022
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service...
Low
Unreviewed
CVE-2020-0676
was published
May 24, 2022
An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1...
Low
Unreviewed
CVE-2020-3836
was published
May 24, 2022
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service...
Low
Unreviewed
CVE-2020-0748
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API