GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,376 advisories
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x...
Critical | Unreviewed | CVE-2016-3657 was published May 13, 2022
Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x...
Critical | Unreviewed | CVE-2016-9150 was published May 13, 2022
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka...
Critical | Unreviewed | CVE-2015-8972 was published May 13, 2022
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive...
Critical | Unreviewed | CVE-2015-8710 was published May 13, 2022
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers...
Critical | Unreviewed | CVE-2017-12865 was published May 13, 2022
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcB_register_fields in...
Critical | Unreviewed | CVE-2018-12918 was published May 13, 2022
Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows...
Critical | Unreviewed | CVE-2016-7567 was published May 13, 2022
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers...
Critical | Unreviewed | CVE-2017-8798 was published May 13, 2022
Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c.
Critical | Unreviewed | CVE-2016-10375 was published May 13, 2022
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue...
Critical | Unreviewed | CVE-2017-17833 was published May 13, 2022
A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0...
Critical | Unreviewed | CVE-2017-14199 was published May 13, 2022
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not...
Critical | Unreviewed | CVE-2018-14362 was published May 13, 2022
The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4...
Critical | Unreviewed | CVE-2016-9400 was published May 13, 2022
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2...
Critical | Unreviewed | CVE-2017-18269 was published May 13, 2022
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26...
Critical | Unreviewed | CVE-2017-12883 was published May 13, 2022
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24...
Critical | Unreviewed | CVE-2017-12814 was published May 13, 2022
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular...
Critical | Unreviewed | CVE-2018-18312 was published May 13, 2022
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid...
Critical | Unreviewed | CVE-2018-18314 was published May 13, 2022
Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which...
Critical | Unreviewed | CVE-2010-3416 was published May 13, 2022
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0,...
Critical | Unreviewed | CVE-2014-1493 was published May 13, 2022
The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video...
Critical | Unreviewed | CVE-2017-14586 was published May 13, 2022
An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the...
Critical | Unreviewed | CVE-2018-0007 was published May 13, 2022
The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of...
Critical | Unreviewed | CVE-2017-15047 was published May 13, 2022
Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy...
Critical | Unreviewed | CVE-2015-6674 was published May 13, 2022
A buffer overflow vulnerability in the control protocol of Disk Savvy Enterprise v10.4.18 allows...
Critical | Unreviewed | CVE-2018-6481 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.