GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
357 advisories
Filter by severity
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an...
High
Unreviewed
CVE-2018-5737
was published
May 13, 2022
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion...
Moderate
Unreviewed
CVE-2017-11368
was published
May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in...
High
Unreviewed
CVE-2018-7713
was published
May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in...
High
Unreviewed
CVE-2018-7714
was published
May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in...
High
Unreviewed
CVE-2018-7712
was published
May 13, 2022
An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in...
High
Unreviewed
CVE-2019-7662
was published
May 13, 2022
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote...
High
Unreviewed
CVE-2017-11692
was published
May 13, 2022
Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow...
Moderate
Unreviewed
CVE-2010-3411
was published
May 13, 2022
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1...
High
Unreviewed
CVE-2016-8864
was published
May 13, 2022
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify...
Moderate
Unreviewed
CVE-2017-18252
was published
May 13, 2022
There is a reachable assertion abort in the function write_long_string_missing_values() in data...
Moderate
Unreviewed
CVE-2019-9211
was published
May 13, 2022
An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter...
Moderate
Unreviewed
CVE-2019-7697
was published
May 13, 2022
An issue was discovered in JasPer 2.0.14. There is an access violation in the function...
Moderate
Unreviewed
CVE-2018-19539
was published
May 13, 2022
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the...
Moderate
Unreviewed
CVE-2017-13658
was published
May 13, 2022
JasPer 2.0.14 allows denial of service via a reachable assertion in the function...
Moderate
Unreviewed
CVE-2018-9252
was published
May 13, 2022
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP...
Moderate
Unreviewed
CVE-2019-0003
was published
May 13, 2022
A query with a specific set of characteristics could cause a server using DNS64 to encounter an...
Moderate
Unreviewed
CVE-2017-3136
was published
May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This...
High
Unreviewed
CVE-2019-10894
was published
May 13, 2022
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is...
Moderate
Unreviewed
CVE-2015-8745
was published
May 13, 2022
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an...
High
Unreviewed
CVE-2018-15822
was published
May 13, 2022
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2...
High
Unreviewed
CVE-2017-13751
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in...
High
Unreviewed
CVE-2017-13745
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer...
High
Unreviewed
CVE-2017-13752
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer...
High
Unreviewed
CVE-2017-13747
was published
May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296...
High
Unreviewed
CVE-2017-13750
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API