GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,931
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,049
Maven 5,232
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,436

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

357 advisories

Filter by severity

Sort by

Least recently updated

The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted,... Moderate Unreviewed

CVE-2017-8372 was published May 13, 2022

aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow... High Unreviewed

CVE-2017-7605 was published May 13, 2022

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when... High Unreviewed

CVE-2017-7508 was published May 13, 2022

OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet... Moderate Unreviewed

CVE-2017-7479 was published May 13, 2022

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion... Moderate Unreviewed

CVE-2017-5981 was published May 13, 2022

User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all... Moderate Unreviewed

CVE-2017-18169 was published May 13, 2022

In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp,... Moderate Unreviewed

CVE-2017-17722 was published May 13, 2022

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote... High Unreviewed

CVE-2017-17432 was published May 13, 2022

RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial... Moderate Unreviewed

CVE-2017-16818 was published May 13, 2022

ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG... Moderate Unreviewed

CVE-2017-14649 was published May 13, 2022

There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8,... Moderate Unreviewed

CVE-2017-13726 was published May 13, 2022

There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0... Moderate Unreviewed

CVE-2017-13727 was published May 13, 2022

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split... Moderate Unreviewed

CVE-2017-13673 was published May 13, 2022

In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data... Moderate Unreviewed

CVE-2017-13132 was published May 13, 2022

There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of... High Unreviewed

CVE-2017-12960 was published May 13, 2022

There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the... High Unreviewed

CVE-2017-12959 was published May 13, 2022

In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage... Moderate Unreviewed

CVE-2017-12434 was published May 13, 2022

There is a reachable assertion in the Internal::TiffReader::visitDirectory function in... Moderate Unreviewed

CVE-2017-11683 was published May 13, 2022

The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0... Moderate Unreviewed

CVE-2017-11524 was published May 13, 2022

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed

CVE-2017-0375 was published May 13, 2022

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed

CVE-2017-0376 was published May 13, 2022

The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11... Moderate Unreviewed

CVE-2017-12168 was published May 13, 2022

Mistaken assumptions about the ordering of records in the answer section of a response containing... High Unreviewed

CVE-2017-3137 was published May 13, 2022

named contains a feature which allows operators to issue commands to a running server by... Moderate Unreviewed

CVE-2017-3138 was published May 13, 2022

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode... High Unreviewed

CVE-2018-5734 was published May 13, 2022

Previous 1 2 … 8 9 10 11 12 13 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

357 advisories