GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,602 advisories
Filter by severity
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service ...
High
Unreviewed
CVE-2021-28543
was published
May 24, 2022
A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <...
High
Unreviewed
CVE-2021-39251
was published
May 24, 2022
An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the...
Moderate
Unreviewed
CVE-2021-42200
was published
Jun 3, 2022
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a...
Moderate
Unreviewed
CVE-2015-3839
was published
May 17, 2022
The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library...
High
Unreviewed
CVE-2017-12457
was published
May 17, 2022
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL...
High
Unreviewed
CVE-2017-6257
was published
May 17, 2022
Possible null pointer dereference due to improper validation of RRC connection reconfiguration...
High
Unreviewed
CVE-2021-35076
was published
Jun 15, 2022
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful...
Moderate
Unreviewed
CVE-2022-31763
was published
Jun 14, 2022
NULL Pointer Dereference in Conda vim prior to 8.2.
Moderate
Unreviewed
CVE-2022-0696
was published
Feb 22, 2022
AppleEFIRuntime in Apple OS X before 10.12 allows attackers to execute arbitrary code in a...
High
Unreviewed
CVE-2016-4696
was published
May 17, 2022
Possible null pointer access due to improper validation of system information message to be...
High
Unreviewed
CVE-2021-35087
was published
Jun 15, 2022
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where...
High
Unreviewed
CVE-2017-6252
was published
May 17, 2022
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0...
Moderate
Unreviewed
CVE-2017-11522
was published
May 17, 2022
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue...
Moderate
Unreviewed
CVE-2016-7604
was published
May 17, 2022
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a...
Moderate
Unreviewed
CVE-2017-11550
was published
May 17, 2022
The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote...
Moderate
Unreviewed
CVE-2017-11750
was published
May 17, 2022
The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local...
High
Unreviewed
CVE-2016-7079
was published
May 17, 2022
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue...
High
Unreviewed
CVE-2016-4678
was published
May 17, 2022
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file...
High
Unreviewed
CVE-2021-20299
was published
Mar 17, 2022
The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local...
High
Unreviewed
CVE-2016-7080
was published
May 17, 2022
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue...
Moderate
Unreviewed
CVE-2017-2388
was published
May 17, 2022
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0...
High
Unreviewed
CVE-2017-11590
was published
May 17, 2022
In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL...
High
Unreviewed
CVE-2016-7053
was published
May 17, 2022
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server
Moderate
CVE-2022-31077
was published
for
github.com/kubeedge/kubeedge
(Go)
Jun 25, 2022
CloudCore UDS Server: Malicious Message can crash CloudCore
Moderate
CVE-2022-31076
was published
for
github.com/kubeedge/kubeedge
(Go)
Jun 25, 2022
ProTip!
Advisories are also available from the
GraphQL API