GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
485 advisories
Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device...
Critical | Unreviewed | CVE-2019-6522 was published May 13, 2022
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers...
Critical | Unreviewed | CVE-2017-5209 was published May 13, 2022
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to...
Critical | Unreviewed | CVE-2017-5545 was published May 13, 2022
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a...
Critical | Unreviewed | CVE-2017-16548 was published May 13, 2022
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in...
Critical | Unreviewed | CVE-2017-7544 was published May 13, 2022
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper...
Critical | Unreviewed | CVE-2019-8266 was published May 13, 2022
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a...
Critical | Unreviewed | CVE-2015-8608 was published May 13, 2022
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers...
Critical | Unreviewed | CVE-2018-18313 was published May 13, 2022
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc...
Critical | Unreviewed | CVE-2019-9631 was published May 13, 2022
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x...
Critical | Unreviewed | CVE-2014-1508 was published May 13, 2022
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the...
Critical | Unreviewed | CVE-2019-11006 was published May 13, 2022
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of...
Critical | Unreviewed | CVE-2016-7951 was published May 13, 2022
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a...
Critical | Unreviewed | CVE-2017-8872 was published May 13, 2022
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png...
Critical | Unreviewed | CVE-2017-13139 was published May 13, 2022
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c...
Critical | Unreviewed | CVE-2017-12987 was published May 13, 2022
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several...
Critical | Unreviewed | CVE-2017-12902 was published May 13, 2022
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c...
Critical | Unreviewed | CVE-2017-12896 was published May 13, 2022
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
Critical | Unreviewed | CVE-2017-12899 was published May 13, 2022
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c...
Critical | Unreviewed | CVE-2017-13024 was published May 13, 2022
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c...
Critical | Unreviewed | CVE-2017-13725 was published May 13, 2022
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
Critical | Unreviewed | CVE-2017-13028 was published May 13, 2022
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
Critical | Unreviewed | CVE-2017-13020 was published May 13, 2022
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c...
Critical | Unreviewed | CVE-2017-13004 was published May 13, 2022
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
Critical | Unreviewed | CVE-2017-13687 was published May 13, 2022
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an...
Critical | Unreviewed | CVE-2018-14938 was published May 13, 2022