Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,626
Erlang
29
GitHub Actions
16
Go
1,698
Maven
4,936
npm
3,466
NuGet
601
pip
2,975
Pub
10
RubyGems
826
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+

14 advisories

IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local... High Unreviewed
CVE-2019-4241 was published May 24, 2022
Due to a missing case handling object types, a type confusion vulnerability could occur,... Moderate Unreviewed
CVE-2019-17017 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some... Moderate Unreviewed
CVE-2019-17024 was published May 24, 2022
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer... Moderate Unreviewed
CVE-2019-17022 was published May 24, 2022
Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a... Moderate Unreviewed
CVE-2019-17011 was published May 24, 2022
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some... Moderate Unreviewed
CVE-2019-17012 was published May 24, 2022
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer... Moderate Unreviewed
CVE-2019-17016 was published May 24, 2022
When using nested workers, a use-after-free could occur during worker destruction. This resulted... Moderate Unreviewed
CVE-2019-17008 was published May 24, 2022
Under certain conditions, when checking the Resist Fingerprinting preference during device... Moderate Unreviewed
CVE-2019-17010 was published May 24, 2022
The plain text serializer used a fixed-size array for the number of <ol> elements it could... Moderate Unreviewed
CVE-2019-17005 was published May 24, 2022
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller... Moderate Unreviewed
CVE-2019-11745 was published May 24, 2022
A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and... Moderate Unreviewed
CVE-2019-18653 was published May 24, 2022
A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet Security Edition) 19.3.3084... Moderate Unreviewed
CVE-2019-18654 was published May 24, 2022
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have... Critical Unreviewed
CVE-2018-12910 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API