GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,376 advisories
A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker...
Critical | Unreviewed | CVE-2018-6414 was published May 13, 2022

An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Critical | Unreviewed | CVE-2018-19873 was published May 13, 2022

An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can...
Critical | Unreviewed | CVE-2018-6892 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical | Unreviewed | CVE-2016-4607 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical | Unreviewed | CVE-2016-4609 was published May 13, 2022

Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows...
Critical | Unreviewed | CVE-2016-9941 was published May 13, 2022

Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote...
Critical | Unreviewed | CVE-2016-9942 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical | Unreviewed | CVE-2016-4610 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical | Unreviewed | CVE-2016-4608 was published May 13, 2022

In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
Critical | Unreviewed | CVE-2017-18206 was published May 13, 2022

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the...
Critical | Unreviewed | CVE-2017-14632 was published May 13, 2022

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have...
Critical | Unreviewed | CVE-2016-2090 was published May 13, 2022

FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow...
Critical | Unreviewed | CVE-2017-8287 was published May 13, 2022

An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not...
Critical | Unreviewed | CVE-2018-7648 was published May 13, 2022

plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2...
Critical | Unreviewed | CVE-2017-15088 was published May 13, 2022

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote...
Critical | Unreviewed | CVE-2016-2148 was published May 13, 2022

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in...
Critical | Unreviewed | CVE-2017-12424 was published May 13, 2022

Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and...
Critical | Unreviewed | CVE-2016-3147 was published May 13, 2022

Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2018-0608 was published May 13, 2022

D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.
Critical | Unreviewed | CVE-2018-15839 was published May 13, 2022

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By...
Critical | Unreviewed | CVE-2018-6789 was published May 13, 2022

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the...
Critical | Unreviewed | CVE-2017-7679 was published May 13, 2022

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5,...
Critical | Unreviewed | CVE-2017-5522 was published May 13, 2022

A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA...
Critical | Unreviewed | CVE-2017-9629 was published May 13, 2022

The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a...
Critical | Unreviewed | CVE-2018-12640 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API