Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

342 advisories

Loading
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet... High Unreviewed
CVE-2011-1255 was published May 13, 2022
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows... High Unreviewed
CVE-2011-1250 was published May 13, 2022
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6... High Unreviewed
CVE-2011-1266 was published May 13, 2022
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote... High Unreviewed
CVE-2010-3343 was published May 13, 2022
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows... High Unreviewed
CVE-2011-1254 was published May 13, 2022
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote... High Unreviewed
CVE-2011-1251 was published May 13, 2022
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote... High Unreviewed
CVE-2010-3345 was published May 13, 2022
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows... High Unreviewed
CVE-2011-1261 was published May 13, 2022
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows... High Unreviewed
CVE-2011-1963 was published May 13, 2022
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote... High Unreviewed
CVE-2011-1998 was published May 13, 2022
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows... High Unreviewed
CVE-2011-1964 was published May 13, 2022
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows... High Unreviewed
CVE-2011-1995 was published May 13, 2022
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3... Critical Unreviewed
CVE-2019-9641 was published May 13, 2022
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3... High Unreviewed
CVE-2019-9639 was published May 13, 2022
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows,... Moderate Unreviewed
CVE-2017-5103 was published May 13, 2022
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows,... Moderate Unreviewed
CVE-2017-5102 was published May 13, 2022
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality... Moderate Unreviewed
CVE-2018-3970 was published May 13, 2022
An exploitable uninitialized variable vulnerability exists in the RTF-parsing functionality of... High Unreviewed
CVE-2018-3975 was published May 13, 2022
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler... Moderate Unreviewed
CVE-2018-3989 was published May 13, 2022
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to... Moderate Unreviewed
CVE-2022-20008 was published May 11, 2022
In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to... Moderate Unreviewed
CVE-2022-20119 was published May 11, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x... High Unreviewed
CVE-2022-26370 was published May 6, 2022
The function wav_format_write in libwav.c in libwav through 2017-04-20 has an Use of... High Unreviewed
CVE-2022-28488 was published May 5, 2022
In camera, there is a possible information disclosure due to uninitialized data. This could lead... Moderate Unreviewed
CVE-2022-20096 was published May 4, 2022
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all... High Unreviewed
CVE-2009-2692 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database