Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,948
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+

607 advisories

Signature validation bypass in ServiceStack Moderate
CVE-2020-28042 was published for ServiceStack (NuGet) Jan 13, 2021
XML External Entity attack in log4net Critical
CVE-2018-1285 was published for log4net (NuGet) Jan 29, 2021
Improper Authentication High
GHSA-qxx8-292g-2w66 was published for Microsoft.Bot.Connector (NuGet) Mar 8, 2021
Out-of-bounds write in libpng High
CVE-2018-14550 was published for libpng (NuGet) Mar 22, 2021
Double Free in Adplug Critical
CVE-2019-15151 was published for adplug (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1366 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1335 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1307 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1308 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1300 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1298 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1237 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1217 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1138 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1197 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1107 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-0925 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-0991 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1131 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1140 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-0993 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1139 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1141 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1195 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in ChakraCore High
CVE-2019-1196 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
ProTip! Advisories are also available from the GraphQL API