GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,640
Maven: 5,000+
npm: 4,265
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
5,055 advisories
Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow...
High | Unreviewed | CVE-2016-6384 was published May 13, 2022

Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS)...
High | Unreviewed | CVE-2011-1109 was published May 13, 2022

Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote...
High | Unreviewed | CVE-2011-1111 was published May 13, 2022

Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote...
High | Unreviewed | CVE-2011-1197 was published May 13, 2022

Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote...
High | Unreviewed | CVE-2011-1110 was published May 13, 2022

Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which...
High | Unreviewed | CVE-2011-0981 was published May 13, 2022

Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote...
High | Unreviewed | CVE-2011-0983 was published May 13, 2022

Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has...
High | Unreviewed | CVE-2011-0781 was published May 13, 2022

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to...
High | Unreviewed | CVE-2016-4456 was published May 13, 2022

Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka...
High | Unreviewed | CVE-2017-6059 was published May 13, 2022

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2016-7434 was published May 13, 2022

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows...
High | Unreviewed | CVE-2015-7691 was published May 13, 2022

The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77...
High | Unreviewed | CVE-2015-7703 was published May 13, 2022

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows...
High | Unreviewed | CVE-2015-7692 was published May 13, 2022

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname...
High | Unreviewed | CVE-2018-19591 was published May 13, 2022

Improper Input Validation in Apache Struts
High | CVE-2016-1181 was published for org.apache.struts:struts-core (Maven) May 13, 2022

An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.php allows remote attackers...
High | Unreviewed | CVE-2018-20127 was published May 13, 2022

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does...
High | Unreviewed | CVE-2015-8607 was published May 13, 2022

Improper Input Validation in Apache Struts
High | CVE-2016-1182 was published for org.apache.struts:struts-core (Maven) May 13, 2022

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use...
High | Unreviewed | CVE-2011-0478 was published May 13, 2022

The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0...
High | Unreviewed | CVE-2011-0471 was published May 13, 2022

A vulnerability in the Android media framework (libvpx) related to odd frame width. Product:...
High | Unreviewed | CVE-2017-13194 was published May 13, 2022

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech...
High | Unreviewed | CVE-2011-0485 was published May 13, 2022

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM...
High | Unreviewed | CVE-2011-0484 was published May 13, 2022

The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6...
High | Unreviewed | CVE-2011-1581 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.