GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,576

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

281 advisories

Filter by severity

Sort by

Least recently updated

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to... Moderate Unreviewed

CVE-2017-11626 was published May 13, 2022

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0... Moderate Unreviewed

CVE-2017-0685 was published May 13, 2022

A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4... Moderate Unreviewed

CVE-2018-14629 was published May 13, 2022

An external attacker is able to send a specially crafted email (with many recipients) and trigger... Moderate Unreviewed

CVE-2022-39052 was published Oct 17, 2022

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka... Moderate Unreviewed

CVE-2018-12154 was published May 13, 2022

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.... Moderate Unreviewed

CVE-2018-18700 was published May 13, 2022

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.... Moderate Unreviewed

CVE-2018-18701 was published May 13, 2022

The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS... Moderate Unreviewed

CVE-2016-4453 was published May 13, 2022

In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in... Moderate Unreviewed

CVE-2017-13756 was published May 13, 2022

The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers... Moderate Unreviewed

CVE-2018-7751 was published May 13, 2022

ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to... Moderate Unreviewed

CVE-2015-7850 was published May 13, 2022

In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a... Moderate Unreviewed

CVE-2018-16646 was published May 13, 2022

Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and... Moderate Unreviewed

CVE-2012-1186 was published May 13, 2022

The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to... Moderate Unreviewed

CVE-2015-8900 was published May 13, 2022

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows... Moderate Unreviewed

CVE-2015-8903 was published May 13, 2022

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote... Moderate Unreviewed

CVE-2015-8902 was published May 13, 2022

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote... Moderate Unreviewed

CVE-2017-18267 was published May 13, 2022

In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders... Moderate Unreviewed

CVE-2018-10177 was published May 13, 2022

In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders... Moderate Unreviewed

CVE-2018-18024 was published May 13, 2022

ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service ... Moderate Unreviewed

CVE-2015-8901 was published May 13, 2022

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent... Moderate Unreviewed

CVE-2017-6314 was published May 13, 2022

On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi... Moderate Unreviewed

CVE-2019-6594 was published May 13, 2022

In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file... Moderate Unreviewed

CVE-2019-3573 was published May 13, 2022

Improper Handling of Missing Values in kaml Moderate

CVE-2021-39194 was published for com.charleskorn.kaml:kaml (Maven) Sep 7, 2021

libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0... Moderate Unreviewed

CVE-2019-1000020 was published May 13, 2022

Previous 1 2 … 6 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

281 advisories