Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

230 advisories

Loading
Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable... Moderate Unreviewed
CVE-2011-1200 was published May 13, 2022
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast... Moderate Unreviewed
CVE-2011-0482 was published May 13, 2022
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast... Moderate Unreviewed
CVE-2011-0483 was published May 13, 2022
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0... High Unreviewed
CVE-2010-1822 was published May 13, 2022
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This... High Unreviewed
CVE-2018-9568 was published May 13, 2022
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows... Moderate Unreviewed
CVE-2016-7156 was published May 13, 2022
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions... High Unreviewed
CVE-2015-5219 was published May 13, 2022
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion... Critical Unreviewed
CVE-2018-4944 was published May 13, 2022
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X... Critical Unreviewed
CVE-2016-6992 was published May 13, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion... High Unreviewed
CVE-2017-3106 was published May 13, 2022
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049... High Unreviewed
CVE-2018-3843 was published May 13, 2022
Possible out of bounds access due to improper input validation during graphics profiling in... High Unreviewed
CVE-2021-35105 was published Apr 2, 2022
Possible buffer overflow to improper validation of hash segment of file while allocating memory... High Unreviewed
CVE-2021-35110 was published Apr 2, 2022
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP... Moderate Unreviewed
CVE-2022-0322 was published Mar 26, 2022
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the... Moderate Unreviewed
CVE-2021-28275 was published Mar 24, 2022
Improperly checked metadata on tools/armour itemstacks received from the client High
GHSA-46c5-pfj8-fv65 was published for pocketmine/pocketmine-mp (Composer) Mar 18, 2022
JavierLeon9966
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a... High Unreviewed
CVE-2021-3578 was published Feb 17, 2022
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and... High Unreviewed
CVE-2021-30300 was published Jan 14, 2022
The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor... High Unreviewed
CVE-2021-39989 was published Jan 4, 2022
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt... High Unreviewed
CVE-2021-43537 was published Dec 9, 2021
Cachet vulnerable to forced reinstall High
CVE-2021-39173 was published for cachethq/cachet (Composer) Aug 30, 2021
thomas-chauchefoin-sonarsource
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
Unsoundness in bigint Critical
CVE-2020-35880 was published for bigint (Rust) Aug 25, 2021
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked` High
CVE-2020-35865 was published for os_str_bytes (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database