GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12,724 advisories
A remote code execution vulnerability exists in the Microsoft JET Database Engine, aka "Microsoft...
High | Unreviewed | CVE-2018-8423 was published May 13, 2022

portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2...
High | Unreviewed | CVE-2013-3907 was published May 13, 2022

The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,...
High | Unreviewed | CVE-2013-3183 was published May 13, 2022

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3,...
High | Unreviewed | CVE-2013-3173 was published May 13, 2022

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3,...
Moderate | Unreviewed | CVE-2013-3172 was published May 13, 2022

dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft...
High | Unreviewed | CVE-2013-1332 was published May 13, 2022

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003...
High | Unreviewed | CVE-2013-1334 was published May 13, 2022

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows...
High | Unreviewed | CVE-2012-2897 was published May 13, 2022

Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows...
High | Unreviewed | CVE-2012-1891 was published May 13, 2022

Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which...
High | Unreviewed | CVE-2012-1889 was published May 13, 2022

Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active...
High | Unreviewed | CVE-2011-3406 was published May 13, 2022

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3,...
High | Unreviewed | CVE-2011-2003 was published May 13, 2022

The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1...
Moderate | Unreviewed | CVE-2011-1970 was published May 13, 2022

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP...
High | Unreviewed | CVE-2011-1282 was published May 13, 2022

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP...
High | Unreviewed | CVE-2011-1281 was published May 13, 2022

fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server...
High | Unreviewed | CVE-2010-3974 was published May 13, 2022

An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a...
High | Unreviewed | CVE-2018-19491 was published May 13, 2022

An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a...
High | Unreviewed | CVE-2018-19492 was published May 13, 2022

The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote...
Moderate | Unreviewed | CVE-2017-9127 was published May 13, 2022

The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to...
Moderate | Unreviewed | CVE-2017-9126 was published May 13, 2022

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated,...
High | Unreviewed | CVE-2018-0470 was published May 13, 2022

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local...
High | Unreviewed | CVE-2019-1605 was published May 13, 2022

An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can...
Critical | Unreviewed | CVE-2018-6892 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical | Unreviewed | CVE-2016-4607 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical | Unreviewed | CVE-2016-4609 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.