Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

485 advisories

Loading
Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device... Critical Unreviewed
CVE-2019-6522 was published May 13, 2022
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers... Critical Unreviewed
CVE-2017-5209 was published May 13, 2022
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to... Critical Unreviewed
CVE-2017-5545 was published May 13, 2022
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a... Critical Unreviewed
CVE-2017-16548 was published May 13, 2022
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in... Critical Unreviewed
CVE-2017-7544 was published May 13, 2022
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper... Critical Unreviewed
CVE-2019-8266 was published May 13, 2022
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a... Critical Unreviewed
CVE-2015-8608 was published May 13, 2022
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers... Critical Unreviewed
CVE-2018-18313 was published May 13, 2022
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc... Critical Unreviewed
CVE-2019-9631 was published May 13, 2022
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x... Critical Unreviewed
CVE-2014-1508 was published May 13, 2022
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the... Critical Unreviewed
CVE-2019-11006 was published May 13, 2022
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of... Critical Unreviewed
CVE-2016-7951 was published May 13, 2022
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a... Critical Unreviewed
CVE-2017-8872 was published May 13, 2022
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png... Critical Unreviewed
CVE-2017-13139 was published May 13, 2022
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c... Critical Unreviewed
CVE-2017-12987 was published May 13, 2022
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several... Critical Unreviewed
CVE-2017-12902 was published May 13, 2022
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c... Critical Unreviewed
CVE-2017-12896 was published May 13, 2022
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). Critical Unreviewed
CVE-2017-12899 was published May 13, 2022
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c... Critical Unreviewed
CVE-2017-13024 was published May 13, 2022
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c... Critical Unreviewed
CVE-2017-13725 was published May 13, 2022
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). Critical Unreviewed
CVE-2017-13028 was published May 13, 2022
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). Critical Unreviewed
CVE-2017-13020 was published May 13, 2022
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c... Critical Unreviewed
CVE-2017-13004 was published May 13, 2022
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). Critical Unreviewed
CVE-2017-13687 was published May 13, 2022
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an... Critical Unreviewed
CVE-2018-14938 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database