GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,085
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,084
Maven 5,251
npm 3,747
NuGet 674
pip 3,436
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,541

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

447 advisories

Filter by severity

Sort by

Least recently updated

libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0... Moderate Unreviewed

CVE-2019-1000020 was published May 13, 2022

Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and... Moderate Unreviewed

CVE-2018-6687 was published May 13, 2022

An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions... High Unreviewed

CVE-2018-5818 was published May 13, 2022

libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing... High Unreviewed

CVE-2018-16789 was published May 13, 2022

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed

CVE-2017-18271 was published May 13, 2022

The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers... Moderate Unreviewed

CVE-2017-14741 was published May 13, 2022

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the... High Unreviewed

CVE-2017-18273 was published May 13, 2022

The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators... Moderate Unreviewed

CVE-2015-8558 was published May 13, 2022

libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service ... Moderate Unreviewed

CVE-2018-14567 was published May 13, 2022

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause... Moderate Unreviewed

CVE-2017-8112 was published May 13, 2022

The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause... High Unreviewed

CVE-2017-9122 was published May 13, 2022

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid... Moderate Unreviewed

CVE-2019-3819 was published May 13, 2022

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in... High Unreviewed

CVE-2019-3833 was published May 13, 2022

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop... High Unreviewed

CVE-2018-20021 was published May 13, 2022

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop... High Unreviewed

CVE-2018-7421 was published May 13, 2022

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local... Moderate Unreviewed

CVE-2017-9375 was published May 13, 2022

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator)... Moderate Unreviewed

CVE-2017-5987 was published May 13, 2022

The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly... Moderate Unreviewed

CVE-2016-7908 was published May 13, 2022

QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is... Moderate Unreviewed

CVE-2016-9776 was published May 13, 2022

The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS... Moderate Unreviewed

CVE-2016-7909 was published May 13, 2022

The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0... Moderate Unreviewed

CVE-2017-6505 was published May 13, 2022

QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite... Moderate Unreviewed

CVE-2016-1981 was published May 13, 2022

QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest... Moderate Unreviewed

CVE-2017-9310 was published May 13, 2022

An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18... High Unreviewed

CVE-2018-5813 was published May 13, 2022

In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload... Moderate Unreviewed

CVE-2017-14058 was published May 13, 2022

Previous 1 2 … 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

447 advisories