Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,409
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

501 advisories

Loading
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc... Critical Unreviewed
CVE-2019-9631 was published May 13, 2022
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x... Critical Unreviewed
CVE-2014-1508 was published May 13, 2022
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the... Critical Unreviewed
CVE-2019-11006 was published May 13, 2022
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of... Critical Unreviewed
CVE-2016-7951 was published May 13, 2022
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a... Critical Unreviewed
CVE-2017-8872 was published May 13, 2022
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png... Critical Unreviewed
CVE-2017-13139 was published May 13, 2022
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). Critical Unreviewed
CVE-2017-12899 was published May 13, 2022
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c... Critical Unreviewed
CVE-2017-12896 was published May 13, 2022
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c... Critical Unreviewed
CVE-2017-12987 was published May 13, 2022
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several... Critical Unreviewed
CVE-2017-12902 was published May 13, 2022
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). Critical Unreviewed
CVE-2017-13020 was published May 13, 2022
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). Critical Unreviewed
CVE-2017-13687 was published May 13, 2022
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c... Critical Unreviewed
CVE-2017-13004 was published May 13, 2022
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). Critical Unreviewed
CVE-2017-13028 was published May 13, 2022
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c... Critical Unreviewed
CVE-2017-13024 was published May 13, 2022
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c... Critical Unreviewed
CVE-2017-13725 was published May 13, 2022
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an... Critical Unreviewed
CVE-2018-14938 was published May 13, 2022
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a... Critical Unreviewed
CVE-2017-16840 was published May 13, 2022
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib... Critical Unreviewed
CVE-2017-14122 was published May 13, 2022
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to... Critical Unreviewed
CVE-2016-6520 was published May 13, 2022
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper... Critical Unreviewed
CVE-2019-8265 was published May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder,... Critical Unreviewed
CVE-2019-8280 was published May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder... Critical Unreviewed
CVE-2019-8264 was published May 13, 2022
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE... Critical Unreviewed
CVE-2019-8261 was published May 13, 2022
UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code,... Critical Unreviewed
CVE-2019-8260 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database