Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,299
NuGet
760
pip
4,078
Pub
12
RubyGems
957
Rust
1,060
Swift
45
Unreviewed advisories
All unreviewed
5,000+

114,595 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on... High Unreviewed
CVE-2023-53148 was published Sep 15, 2025
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix reading strings... High Unreviewed
CVE-2022-50255 was published Sep 15, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/meson: remove drm... High Unreviewed
CVE-2022-50256 was published Sep 15, 2025
In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential... High Unreviewed
CVE-2025-39727 was published Sep 7, 2025
Use of weak credentials in emergency authentication component in Devolutions Server allows an... High Unreviewed
CVE-2025-6523 was published Jul 22, 2025
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2.... High Unreviewed
CVE-2018-12389 was published May 14, 2022
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being... High Unreviewed
CVE-2019-11729 was published May 24, 2022
When an inner window is reused, it does not consider the use of document.domain for cross-origin... High Unreviewed
CVE-2019-11711 was published May 24, 2022
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and... High Unreviewed
CVE-2019-9813 was published May 24, 2022
A WebExtension can request access to local files without the warning prompt stating that the... High Unreviewed
CVE-2018-12397 was published May 14, 2022
A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be... High Unreviewed
CVE-2019-11694 was published May 24, 2022
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out... High Unreviewed
CVE-2018-12379 was published May 14, 2022
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an... High Unreviewed
CVE-2018-12386 was published May 14, 2022
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own... High Unreviewed
CVE-2018-5146 was published May 14, 2022
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with... High Unreviewed
CVE-2018-5178 was published May 14, 2022
In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI... High Unreviewed
CVE-2018-5174 was published May 13, 2022
A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This... High Unreviewed
CVE-2018-5127 was published May 14, 2022
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed... High Unreviewed
CVE-2018-5125 was published May 14, 2022
An integer overflow can occur during conversion of text to some Unicode character sets due to an... High Unreviewed
CVE-2018-5144 was published May 14, 2022
When packets with a mismatched RTP payload type are sent in WebRTC connections, in some... High Unreviewed
CVE-2018-5130 was published May 14, 2022
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE... High Unreviewed
CVE-2017-7845 was published May 14, 2022
When Private Browsing mode is used, it is possible for a web worker to write persistent data to... High Unreviewed
CVE-2017-7843 was published May 14, 2022
An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL... High Unreviewed
CVE-2017-7754 was published May 14, 2022
File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks... High Unreviewed
CVE-2017-7814 was published May 14, 2022
When a page's content security policy (CSP) header contains a "sandbox" directive, other... High Unreviewed
CVE-2017-7803 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database