GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
23,060 advisories
Filter by severity
FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT,...
Critical
Unreviewed
CVE-2019-0304
was published
May 24, 2022
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would...
Critical
Unreviewed
CVE-2019-3873
was published
May 24, 2022
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a...
Critical
Unreviewed
CVE-2019-7839
was published
May 24, 2022
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a...
Critical
Unreviewed
CVE-2019-7838
was published
May 24, 2022
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a...
Critical
Unreviewed
CVE-2019-7840
was published
May 24, 2022
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),...
Critical
Unreviewed
CVE-2019-6580
was published
May 24, 2022
Insufficient session validation in the service API for Intel(R) RWC3 version 4.186 and before may...
Critical
Unreviewed
CVE-2019-11119
was published
May 24, 2022
BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0...
Critical
Unreviewed
CVE-2019-10959
was published
May 24, 2022
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular...
Critical
Unreviewed
CVE-2019-12798
was published
May 24, 2022
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon...
Critical
Unreviewed
CVE-2018-13898
was published
May 24, 2022
Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in...
Critical
Unreviewed
CVE-2018-13911
was published
May 24, 2022
Lack of check on length of reason-code fetched from payload may lead driver access the memory not...
Critical
Unreviewed
CVE-2018-11955
was published
May 24, 2022
When receiving calls using WhatsApp for Android, a missing size check when parsing a sender...
Critical
Unreviewed
CVE-2018-6349
was published
May 24, 2022
An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers....
Critical
Unreviewed
CVE-2018-6350
was published
May 24, 2022
When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for...
Critical
Unreviewed
CVE-2018-6339
was published
May 24, 2022
When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided...
Critical
Unreviewed
CVE-2018-20655
was published
May 24, 2022
The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis...
Critical
Unreviewed
CVE-2018-13906
was published
May 24, 2022
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies...
Critical
Unreviewed
CVE-2019-10126
was published
May 24, 2022
Resource allocation error while playing the video whose dimensions are more than supported...
Critical
Unreviewed
CVE-2019-2259
was published
May 24, 2022
An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains...
Critical
Unreviewed
CVE-2019-2256
was published
May 24, 2022
An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains...
Critical
Unreviewed
CVE-2019-2255
was published
May 24, 2022
formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds write in xml_memory_writer...
Critical
Unreviewed
CVE-2019-12835
was published
May 24, 2022
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports...
Critical
Unreviewed
CVE-2018-20469
was published
May 24, 2022
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain...
Critical
Unreviewed
CVE-2019-12550
was published
May 24, 2022
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain...
Critical
Unreviewed
CVE-2019-12549
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API