GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,438
Erlang
29
GitHub Actions
16
Go
1,663
Maven
4,922
npm
3,450
NuGet
594
pip
2,853
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+
30 advisories
Filter by severity
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to...
High
Unreviewed
CVE-2017-5126
was published
May 14, 2022
Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a...
High
Unreviewed
CVE-2017-15388
was published
May 14, 2022
An insufficient watchdog timer in navigation in Google Chrome prior to 62.0.3202.62 allowed a...
Moderate
Unreviewed
CVE-2017-15389
was published
May 14, 2022
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to...
High
Unreviewed
CVE-2017-5131
was published
May 14, 2022
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote...
High
Unreviewed
CVE-2017-5129
was published
May 14, 2022
Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote...
Moderate
Unreviewed
CVE-2017-15386
was published
May 14, 2022
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 62.0.3202.62 allowed a...
Moderate
Unreviewed
CVE-2017-15390
was published
May 14, 2022
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to...
High
Unreviewed
CVE-2017-5127
was published
May 14, 2022
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to...
High
Unreviewed
CVE-2017-5125
was published
May 14, 2022
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a...
Moderate
Unreviewed
CVE-2017-15394
was published
May 14, 2022
Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who...
Moderate
Unreviewed
CVE-2017-15392
was published
May 14, 2022
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to...
High
Unreviewed
CVE-2017-5128
was published
May 14, 2022
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote...
High
Unreviewed
CVE-2017-5132
was published
May 14, 2022
A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to...
Moderate
Unreviewed
CVE-2017-15395
was published
May 14, 2022
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a...
Moderate
Unreviewed
CVE-2017-5124
was published
May 14, 2022
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed...
High
Unreviewed
CVE-2017-15400
was published
May 14, 2022
A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to...
High
Unreviewed
CVE-2017-15406
was published
May 14, 2022
A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89...
Critical
Unreviewed
CVE-2017-15398
was published
May 14, 2022
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to...
High
Unreviewed
CVE-2017-15399
was published
May 14, 2022
A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C+...
Moderate
Unreviewed
CVE-2017-15396
was published
May 14, 2022
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a...
High
Unreviewed
CVE-2017-5133
was published
May 14, 2022
A memory corruption bug in WebAssembly could lead to out of bounds read and write through V8 in...
High
Unreviewed
CVE-2017-15401
was published
May 14, 2022
Insufficient data validation in V8 builtins string generator could lead to out of bounds read and...
High
Unreviewed
CVE-2017-15428
was published
May 14, 2022
Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite...
Critical
Unreviewed
CVE-2017-15402
was published
May 14, 2022
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a...
Moderate
Unreviewed
CVE-2017-15391
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API