Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

12,814 advisories

Loading
The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory... Moderate Unreviewed
CVE-2017-12911 was published May 13, 2022
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary... High Unreviewed
CVE-2011-3047 was published May 13, 2022
A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote... High Unreviewed
CVE-2016-1421 was published May 13, 2022
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial... Moderate Unreviewed
CVE-2016-2073 was published May 13, 2022
Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context... High Unreviewed
CVE-2016-9136 was published May 13, 2022
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows... Critical Unreviewed
CVE-2016-7567 was published May 13, 2022
Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service... Moderate Unreviewed
CVE-2017-6192 was published May 13, 2022
Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service... Moderate Unreviewed
CVE-2017-6193 was published May 13, 2022
The read_buf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of... High Unreviewed
CVE-2017-8364 was published May 13, 2022
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers... Critical Unreviewed
CVE-2017-8798 was published May 13, 2022
Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c. Critical Unreviewed
CVE-2016-10375 was published May 13, 2022
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit... Moderate Unreviewed
CVE-2011-3909 was published May 13, 2022
Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote... High Unreviewed
CVE-2011-3894 was published May 13, 2022
Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows... Moderate Unreviewed
CVE-2011-2881 was published May 13, 2022
Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows... Moderate Unreviewed
CVE-2011-3873 was published May 13, 2022
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and... High Unreviewed
CVE-2013-7260 was published May 13, 2022
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue... Critical Unreviewed
CVE-2017-17833 was published May 13, 2022
A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0... Critical Unreviewed
CVE-2017-14199 was published May 13, 2022
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in... Moderate Unreviewed
CVE-2016-4439 was published May 13, 2022
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU... Moderate Unreviewed
CVE-2016-4441 was published May 13, 2022
The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS... Moderate Unreviewed
CVE-2016-4454 was published May 13, 2022
Google Chrome before 13.0.782.215 on Windows does not properly handle vertex data, which allows... High Unreviewed
CVE-2011-2806 was published May 13, 2022
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not... Critical Unreviewed
CVE-2018-14362 was published May 13, 2022
rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory... High Unreviewed
CVE-2017-14398 was published May 13, 2022
Google Chrome before 12.0.742.112 does not properly handle Cascading Style Sheets (CSS) token... Moderate Unreviewed
CVE-2011-2347 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database