Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,412
Erlang
28
GitHub Actions
16
Go
1,650
Maven
4,914
npm
3,437
NuGet
594
pip
2,682
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote... High Unreviewed
CVE-2018-17466 was published May 14, 2022
A use-after-free vulnerability can occur after deleting a selection element due to a weak... Critical Unreviewed
CVE-2018-18492 was published May 14, 2022
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware... Critical Unreviewed
CVE-2018-18493 was published May 14, 2022
A same-origin policy violation allowing the theft of cross-origin URL entries when using the... Moderate Unreviewed
CVE-2018-18494 was published May 14, 2022
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and... Critical Unreviewed
CVE-2018-12405 was published May 14, 2022
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended... High Unreviewed
CVE-2018-19477 was published May 14, 2022
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access... High Unreviewed
CVE-2018-19476 was published May 14, 2022
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked... Critical Unreviewed
CVE-2018-19409 was published May 13, 2022
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended... High Unreviewed
CVE-2018-19475 was published May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch High
CVE-2018-3831 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
A potential vulnerability leading to an integer overflow can occur during buffer size... Critical Unreviewed
CVE-2018-18498 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API