GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,013
Erlang: 29
GitHub Actions: 16
Go: 1,806
Maven: 5,000+
npm: 3,553
NuGet: 632
pip: 3,148
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
24 advisories
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and...
Moderate, Unreviewed. CVE-2009-0146 was published May 2, 2022.
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610,...
Moderate, Unreviewed. CVE-2008-4546 was published May 2, 2022.
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and...
Moderate, Unreviewed. CVE-2009-1180 was published May 2, 2022.
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and...
Moderate, Unreviewed. CVE-2009-0147 was published May 2, 2022.
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and...
Moderate, Unreviewed. CVE-2009-0799 was published May 2, 2022.
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows...
Moderate, Unreviewed. CVE-2009-0166 was published May 2, 2022.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
Moderate, Unreviewed. CVE-2010-0095 was published May 2, 2022.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
Moderate, Unreviewed. CVE-2010-0091 was published May 2, 2022.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
Moderate, Unreviewed. CVE-2010-0084 was published May 2, 2022.
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business...
Moderate, Unreviewed. CVE-2010-0082 was published May 2, 2022.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
Moderate, Unreviewed. CVE-2010-0093 was published May 2, 2022.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
Moderate, Unreviewed. CVE-2010-0092 was published May 2, 2022.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
Moderate, Unreviewed. CVE-2010-0088 was published May 2, 2022.
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
Moderate, Unreviewed. CVE-2010-0085 was published May 2, 2022.
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and...
Moderate, Unreviewed. CVE-2010-0090 was published May 2, 2022.
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and...
Moderate, Unreviewed. CVE-2010-0089 was published May 2, 2022.
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business...
Moderate, Unreviewed. CVE-2010-0845 was published May 2, 2022.
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before...
Moderate, Unreviewed. CVE-2010-2179 was published May 14, 2022.
Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a...
Moderate, Unreviewed. CVE-2010-2172 was published May 17, 2022.
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,...
Moderate, Unreviewed. CVE-2009-1179 was published May 2, 2022.
Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework...
Moderate, Unreviewed. CVE-2010-2221 was published May 17, 2022.
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and...
Moderate, Unreviewed. CVE-2009-1181 was published May 2, 2022.
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6,...
Moderate, Unreviewed. CVE-2009-1183 was published May 2, 2022.
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9...
Moderate, Unreviewed. CVE-2009-0800 was published May 2, 2022.
ProTip! Advisories are also available from the GraphQL API.