GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,444
Erlang
29
GitHub Actions
16
Go
1,668
Maven
4,928
npm
3,458
NuGet
595
pip
2,876
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof...
Moderate
Unreviewed
CVE-2016-1615
was published
May 17, 2022
Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper...
Moderate
Unreviewed
CVE-2016-1618
was published
May 17, 2022
The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics...
Moderate
Unreviewed
CVE-2016-1614
was published
May 17, 2022
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in...
High
Unreviewed
CVE-2016-1613
was published
May 17, 2022
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0...
High
Unreviewed
CVE-2016-1612
was published
May 17, 2022
The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in...
Moderate
Unreviewed
CVE-2016-1616
was published
May 17, 2022
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec...
High
Unreviewed
CVE-2016-1619
was published
May 17, 2022
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the...
Moderate
Unreviewed
CVE-2016-1617
was published
May 17, 2022
Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to...
High
Unreviewed
CVE-2016-1620
was published
May 17, 2022
Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome...
Critical
Unreviewed
CVE-2016-2051
was published
May 17, 2022
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48...
High
Unreviewed
CVE-2016-2052
was published
May 17, 2022
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,...
High
Unreviewed
CVE-2017-0084
was published
May 17, 2022
hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of...
High
Unreviewed
CVE-2015-8947
was published
May 14, 2022
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or...
High
Unreviewed
CVE-2016-0063
was published
May 14, 2022
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute...
High
Unreviewed
CVE-2016-0061
was published
May 14, 2022
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute...
High
Unreviewed
CVE-2016-0060
was published
May 14, 2022
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or...
High
Unreviewed
CVE-2016-0067
was published
May 14, 2022
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or...
High
Unreviewed
CVE-2016-0072
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API