Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

103 advisories

Loading
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android.... High Unreviewed
CVE-2017-0720 was published May 13, 2022
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to... High Unreviewed
CVE-2017-0599 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was... High Unreviewed
CVE-2018-14367 was published May 13, 2022
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not... High Unreviewed
CVE-2018-20216 was published May 13, 2022
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet... High Unreviewed
CVE-2019-10902 was published May 13, 2022
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders... Moderate Unreviewed
CVE-2018-16643 was published May 13, 2022
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The... High Unreviewed
CVE-2018-14622 was published May 13, 2022
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not... Moderate Unreviewed
CVE-2016-10060 was published May 13, 2022
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the... Moderate Unreviewed
CVE-2016-10061 was published May 13, 2022
Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed
CVE-2021-0155 was published May 13, 2022
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a... Moderate Unreviewed
CVE-2010-0211 was published May 2, 2022
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value... Moderate Unreviewed
CVE-2009-0265 was published May 2, 2022
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the... High Unreviewed
CVE-2007-5191 was published May 1, 2022
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote... Moderate Unreviewed
CVE-2007-3798 was published May 1, 2022
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional... High Unreviewed
CVE-2005-4360 was published May 1, 2022
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return... Moderate Unreviewed
CVE-2002-1372 was published Apr 30, 2022
In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during... Moderate Unreviewed
CVE-2021-41041 was published Apr 28, 2022
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the... Critical Unreviewed
CVE-1999-0199 was published Apr 21, 2022
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that... Moderate Unreviewed
CVE-2021-42780 was published Apr 19, 2022
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly... Critical Unreviewed
CVE-2022-23806 was published Feb 12, 2022
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0107 was published Feb 11, 2022
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization... High Unreviewed
CVE-2021-40401 was published Feb 10, 2022
Improper privilege handling in Apache Accumulo High
CVE-2020-17533 was published for org.apache.accumulo:accumulo-master (Maven) Feb 9, 2022
Misconfigured IP address field in ROA leads to OctoRPKI crash Moderate
CVE-2021-3911 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
Unchecked Return Value in xcb Critical
CVE-2021-26955 was published for xcb (Rust) Aug 25, 2021
amousset
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database