GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,444
Erlang: 29
GitHub Actions: 16
Go: 1,668
Maven: 4,928
npm: 3,458
NuGet: 595
pip: 2,876
Pub: 10
RubyGems: 823
Rust: 766
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
154 advisories
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer)....
Moderate | Unreviewed | CVE-2022-21556 was published Jul 20, 2022

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General)....
Moderate | Unreviewed | CVE-2022-21550 was published Jul 20, 2022

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker...
High | Unreviewed | CVE-2022-30634 was published Jul 16, 2022

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in...
High | Unreviewed | CVE-2022-34918 was published Jul 5, 2022

Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager...
Moderate | Unreviewed | CVE-2022-2221 was published Jun 28, 2022

Apache Tika contains incomplete fix for regex DoS
Low | CVE-2022-33879 was published for org.apache.tika:tika (Maven) Jun 28, 2022

A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated...
High | Unreviewed | CVE-2022-27870 was published Jun 22, 2022

A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond...
High | Unreviewed | CVE-2022-27869 was published Jun 22, 2022

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when...
High | Unreviewed | CVE-2022-27778 was published Jun 3, 2022

Regular expression denial of service in apache tika
Moderate | CVE-2022-30973 was published for org.apache.tika:tika-core (Maven) Jun 1, 2022

prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows...
High | Unreviewed | CVE-2021-41864 was published May 24, 2022

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict...
High | Unreviewed | CVE-2021-33909 was published May 24, 2022

A Type Confusion vulnerability in Autodesk 2018, 2017, 2013, 2012, 2011 can occur when processing...
High | Unreviewed | CVE-2021-27038 was published May 24, 2022

A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within...
High | Unreviewed | CVE-2021-27033 was published May 24, 2022

A maliciously crafted TIFF file in Autodesk 2018, 2017, 2013, 2012, 2011 can be forced to read...
High | Unreviewed | CVE-2021-27039 was published May 24, 2022

A maliciously crafted PNG, PDF or DWF file in Autodesk 2018, 2017, 2013, 2012, 2011 can be used...
High | Unreviewed | CVE-2021-27037 was published May 24, 2022

A maliciously crafted TIFF, PDF, PICT or DWF files in Autodesk 2018, 2017, 2013, 2012, 2011 can...
High | Unreviewed | CVE-2021-27035 was published May 24, 2022

A maliciously crafted PDF, PICT or TIFF file can be used to write beyond the allocated buffer...
High | Unreviewed | CVE-2021-27036 was published May 24, 2022

A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG...
High | Unreviewed | CVE-2021-27041 was published May 24, 2022

An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to...
Moderate | Unreviewed | CVE-2021-27043 was published May 24, 2022

A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG...
High | Unreviewed | CVE-2021-27042 was published May 24, 2022

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU....
Low | Unreviewed | CVE-2021-3593 was published May 24, 2022

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs...
Moderate | Unreviewed | CVE-2021-20196 was published May 24, 2022

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If...
High | Unreviewed | CVE-2021-27218 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.