GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,073
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
21,725 advisories
Filter by severity
JBMC DirectAdmin before 1.52, when the email_ftp_password_change setting is nonzero, allows...
Critical
Unreviewed
CVE-2017-18045
was published
May 13, 2022
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the...
Critical
Unreviewed
CVE-2017-18212
was published
May 13, 2022
The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to...
Critical
Unreviewed
CVE-2017-16638
was published
May 13, 2022
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical
Unreviewed
CVE-2017-3097
was published
May 13, 2022
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical
Unreviewed
CVE-2017-3090
was published
May 13, 2022
BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*)...
Critical
Unreviewed
CVE-2017-17974
was published
May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645,...
Critical
Unreviewed
CVE-2017-18314
was published
May 13, 2022
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle...
Critical
Unreviewed
CVE-2017-3324
was published
May 13, 2022
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated...
Critical
Unreviewed
CVE-2017-17106
was published
May 13, 2022
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an...
Critical
Unreviewed
CVE-2017-18001
was published
May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical
Unreviewed
CVE-2017-18071
was published
May 13, 2022
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp...
Critical
Unreviewed
CVE-2017-17434
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10...
Critical
Unreviewed
CVE-2017-2423
was published
May 13, 2022
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM...
Critical
Unreviewed
CVE-2017-2234
was published
May 13, 2022
An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local...
Critical
Unreviewed
CVE-2017-17877
was published
May 13, 2022
EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is...
Critical
Unreviewed
CVE-2017-2765
was published
May 13, 2022
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical
Unreviewed
CVE-2017-3092
was published
May 13, 2022
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote...
Critical
Unreviewed
CVE-2022-2010
was published
Jul 29, 2022
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10...
Critical
Unreviewed
CVE-2017-2519
was published
May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue...
Critical
Unreviewed
CVE-2017-2402
was published
May 13, 2022
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet...
Critical
Unreviewed
CVE-2017-2741
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10...
Critical
Unreviewed
CVE-2017-2520
was published
May 13, 2022
Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools ...
Critical
Unreviewed
CVE-2017-3234
was published
May 13, 2022
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware ...
Critical
Unreviewed
CVE-2017-3266
was published
May 13, 2022
A thread security vulnerability exists in the authentication process. Successful exploitation of...
Critical
Unreviewed
CVE-2022-46316
was published
Dec 20, 2022
ProTip!
Advisories are also available from the
GraphQL API