GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,652
Erlang: 34
GitHub Actions: 26
Go: 2,257
Maven: 5,000+
npm: 3,909
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
5,030 advisories
In ccci, there is a possible out of bounds write due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-32634 was published Dec 5, 2022

In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-32631 was published Dec 5, 2022

In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could...
Moderate | Unreviewed | CVE-2022-32632 was published Dec 5, 2022

LMDeploy Improper Input Validation Vulnerability
Moderate | CVE-2025-3162 was published for lmdeploy (pip) Apr 3, 2025

tar-split memory exhaustion
Moderate | CVE-2017-14992 was published for github.com/vbatts/tar-split (Go) May 17, 2022

An issue in code signature validation was addressed with improved checks. This issue is fixed in...
Moderate | Unreviewed | CVE-2022-42793 was published Nov 2, 2022

In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds...
Moderate | Unreviewed | CVE-2022-20569 was published Dec 21, 2022

An improper input validation vulnerability is identified in the End of Life (EOL) OVA based...
Moderate | Unreviewed | CVE-2025-3837 was published Apr 21, 2025

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10...
Moderate | Unreviewed | CVE-2017-7154 was published May 14, 2022

In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a...
Moderate | Unreviewed | CVE-2017-17810 was published May 14, 2022

SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7...
Moderate | Unreviewed | CVE-2017-16691 was published May 14, 2022

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it...
Moderate | Unreviewed | CVE-2017-17862 was published May 14, 2022

Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV...
Moderate | Unreviewed | CVE-2017-16951 was published May 13, 2022

KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file.
Moderate | Unreviewed | CVE-2017-16952 was published May 17, 2022

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a...
Moderate | Unreviewed | CVE-2017-14583 was published May 14, 2022

The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma...
Moderate | Unreviewed | CVE-2017-15270 was published May 14, 2022

NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are...
Moderate | Unreviewed | CVE-2017-11461 was published May 17, 2022

In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via...
Moderate | Unreviewed | CVE-2017-16637 was published May 17, 2022

Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set...
Moderate | Unreviewed | CVE-2015-1835 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1...
Moderate | Unreviewed | CVE-2017-13849 was published May 14, 2022

A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an...
Moderate | Unreviewed | CVE-2017-12285 was published May 13, 2022

FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing...
Moderate | Unreviewed | CVE-2014-9678 was published May 17, 2022

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows...
Moderate | Unreviewed | CVE-2016-9263 was published May 17, 2022

plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with...
Moderate | Unreviewed | CVE-2017-15185 was published May 17, 2022

A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and...
Moderate | Unreviewed | CVE-2017-12228 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.