GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,078
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,079
Maven 5,250
npm 3,747
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,314

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

447 advisories

Filter by severity

Sort by

Least recently updated

The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows... Moderate Unreviewed

CVE-2018-19840 was published May 13, 2022

An issue was discovered in cairo 1.16.0. There is an infinite loop in the function... Moderate Unreviewed

CVE-2019-6462 was published May 13, 2022

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and... Moderate Unreviewed

CVE-2018-20467 was published May 13, 2022

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote... High Unreviewed

CVE-2017-16944 was published May 13, 2022

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows... Critical Unreviewed

CVE-2018-20784 was published May 13, 2022

There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to... High Unreviewed

CVE-2017-13728 was published May 13, 2022

In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the... Moderate Unreviewed

CVE-2018-5650 was published May 13, 2022

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest... Moderate Unreviewed

CVE-2017-5973 was published May 13, 2022

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed

CVE-2016-8909 was published May 13, 2022

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed

CVE-2016-8910 was published May 13, 2022

An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class... High Unreviewed

CVE-2018-18070 was published May 13, 2022

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which... Moderate Unreviewed

CVE-2018-20482 was published May 13, 2022

In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c... Moderate Unreviewed

CVE-2018-10289 was published May 13, 2022

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local... Moderate Unreviewed

CVE-2015-8785 was published May 13, 2022

The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0... High Unreviewed

CVE-2013-2789 was published May 13, 2022

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC... High Unreviewed

CVE-2017-15908 was published May 13, 2022

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause... High Unreviewed

CVE-2016-5042 was published May 13, 2022

An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8... High Unreviewed

CVE-2017-2909 was published May 13, 2022

perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to... Moderate Unreviewed

CVE-2013-7488 was published May 5, 2022

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite... Moderate Unreviewed

CVE-2012-0248 was published May 4, 2022

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service ... Moderate Unreviewed

CVE-2010-1282 was published May 2, 2022

smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows... Moderate Unreviewed

CVE-2009-2906 was published May 2, 2022

libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ... High Unreviewed

CVE-2009-1270 was published May 2, 2022

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird... Moderate Unreviewed

CVE-2006-6499 was published May 1, 2022

aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of... Moderate Unreviewed

CVE-2005-2224 was published May 1, 2022

Previous 1 2 … 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

447 advisories