GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,533
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,984
Maven 5,159
npm 3,701
NuGet 657
pip 3,325
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,165

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

42 advisories

Filter by severity

Sort by

Least recently updated

A use-after-free vulnerability exists in the RS-274X aperture definition tokenization... High Unreviewed

CVE-2021-40401 was published Feb 10, 2022

The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional... High Unreviewed

CVE-2005-4360 was published May 1, 2022

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the... High Unreviewed

CVE-2007-5191 was published May 1, 2022

A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The... High Unreviewed

CVE-2018-14622 was published May 13, 2022

In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet... High Unreviewed

CVE-2019-10902 was published May 13, 2022

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not... High Unreviewed

CVE-2018-20216 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was... High Unreviewed

CVE-2018-14367 was published May 13, 2022

A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to... High Unreviewed

CVE-2017-0599 was published May 13, 2022

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android.... High Unreviewed

CVE-2017-0720 was published May 13, 2022

A denial of service vulnerability in the Android media framework (libstagefright). Product:... High Unreviewed

CVE-2017-0774 was published May 13, 2022

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the... High Unreviewed

CVE-2017-6964 was published May 13, 2022

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in... High Unreviewed

CVE-2019-15942 was published May 24, 2022

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products,... High Unreviewed

CVE-2020-7247 was published May 24, 2022

The decode program in silk-v3-decoder Version:20160922 Build By kn007 does not strictly check... High Unreviewed

CVE-2020-24074 was published May 24, 2022

An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation... High Unreviewed

CVE-2019-20919 was published May 24, 2022

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The... High Unreviewed

CVE-2020-29569 was published May 24, 2022

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value... High Unreviewed

CVE-2021-28875 was published May 24, 2022

In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval-... High Unreviewed

CVE-2021-28906 was published May 24, 2022

In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of... High Unreviewed

CVE-2021-28902 was published May 24, 2022

In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of... High Unreviewed

CVE-2021-28904 was published May 24, 2022

A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a... High Unreviewed

CVE-2021-3673 was published May 24, 2022

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser... High Unreviewed

CVE-2021-34585 was published May 24, 2022

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value,... High Unreviewed

CVE-2021-3998 was published Aug 25, 2022

A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies... High Unreviewed

CVE-2022-0485 was published Aug 29, 2022

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response... High Unreviewed

CVE-2022-1319 was published Sep 1, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

42 advisories