GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
201 advisories
Filter by severity
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in...
High
Unreviewed
CVE-2018-7712
was published
May 13, 2022
An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in...
High
Unreviewed
CVE-2019-7662
was published
May 13, 2022
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote...
High
Unreviewed
CVE-2017-11692
was published
May 13, 2022
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1...
High
Unreviewed
CVE-2016-8864
was published
May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This...
High
Unreviewed
CVE-2019-10894
was published
May 13, 2022
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an...
High
Unreviewed
CVE-2018-15822
was published
May 13, 2022
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2...
High
Unreviewed
CVE-2017-13751
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer...
High
Unreviewed
CVE-2017-13752
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in...
High
Unreviewed
CVE-2017-13745
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer...
High
Unreviewed
CVE-2017-13747
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in...
High
Unreviewed
CVE-2017-13749
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296...
High
Unreviewed
CVE-2017-13750
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297...
High
Unreviewed
CVE-2017-13746
was published
May 13, 2022
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a...
High
Unreviewed
CVE-2016-9397
was published
May 13, 2022
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to...
High
Unreviewed
CVE-2016-9398
was published
May 13, 2022
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a...
High
Unreviewed
CVE-2016-9399
was published
May 13, 2022
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker...
High
Unreviewed
CVE-2017-3139
was published
May 13, 2022
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting...
High
Unreviewed
CVE-2018-17205
was published
May 13, 2022
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD)...
High
Unreviewed
CVE-2017-7539
was published
May 13, 2022
"deny-answer-aliases" is a little-used feature intended to help recursive server operators...
High
Unreviewed
CVE-2018-5740
was published
May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and...
High
Unreviewed
CVE-2021-27500
was published
May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and...
High
Unreviewed
CVE-2021-27498
was published
May 13, 2022
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed...
High
Unreviewed
CVE-2022-29339
was published
May 6, 2022
oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1)...
High
Unreviewed
CVE-2006-6767
was published
May 1, 2022
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT...
High
Unreviewed
CVE-2011-3596
was published
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API