GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,532
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,984
Maven 5,159
npm 3,701
NuGet 657
pip 3,325
Pub 11
RubyGems 882
Rust 835
Swift 35

Unreviewed advisories

All unreviewed 233,165

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

88 advisories

Filter by severity

Sort by

Least recently updated

A use-after-free vulnerability exists in the RS-274X aperture definition tokenization... High Unreviewed

CVE-2021-40401 was published Feb 10, 2022

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed

CVE-2021-0107 was published Feb 11, 2022

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly... Critical Unreviewed

CVE-2022-23806 was published Feb 12, 2022

A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that... Moderate Unreviewed

CVE-2021-42780 was published Apr 19, 2022

manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the... Critical Unreviewed

CVE-1999-0199 was published Apr 21, 2022

In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during... Moderate Unreviewed

CVE-2021-41041 was published Apr 28, 2022

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return... Moderate Unreviewed

CVE-2002-1372 was published Apr 30, 2022

The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional... High Unreviewed

CVE-2005-4360 was published May 1, 2022

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote... Moderate Unreviewed

CVE-2007-3798 was published May 1, 2022

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the... High Unreviewed

CVE-2007-5191 was published May 1, 2022

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value... Moderate Unreviewed

CVE-2009-0265 was published May 2, 2022

The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a... Moderate Unreviewed

CVE-2010-0211 was published May 2, 2022

Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed

CVE-2021-0155 was published May 13, 2022

The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not... Moderate Unreviewed

CVE-2016-10060 was published May 13, 2022

The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the... Moderate Unreviewed

CVE-2016-10061 was published May 13, 2022

A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The... High Unreviewed

CVE-2018-14622 was published May 13, 2022

The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders... Moderate Unreviewed

CVE-2018-16643 was published May 13, 2022

In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet... High Unreviewed

CVE-2019-10902 was published May 13, 2022

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not... High Unreviewed

CVE-2018-20216 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was... High Unreviewed

CVE-2018-14367 was published May 13, 2022

A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to... High Unreviewed

CVE-2017-0599 was published May 13, 2022

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android.... High Unreviewed

CVE-2017-0720 was published May 13, 2022

A denial of service vulnerability in the Android media framework (libstagefright). Product:... High Unreviewed

CVE-2017-0774 was published May 13, 2022

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the... High Unreviewed

CVE-2017-6964 was published May 13, 2022

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in... High Unreviewed

CVE-2019-15942 was published May 24, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

88 advisories