Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,049
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

169 advisories

Loading
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0... Moderate Unreviewed
CVE-2017-13727 was published May 13, 2022
The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split... Moderate Unreviewed
CVE-2017-13673 was published May 13, 2022
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data... Moderate Unreviewed
CVE-2017-13132 was published May 13, 2022
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage... Moderate Unreviewed
CVE-2017-12434 was published May 13, 2022
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in... Moderate Unreviewed
CVE-2017-11683 was published May 13, 2022
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0... Moderate Unreviewed
CVE-2017-11524 was published May 13, 2022
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11... Moderate Unreviewed
CVE-2017-12168 was published May 13, 2022
named contains a feature which allows operators to issue commands to a running server by... Moderate Unreviewed
CVE-2017-3138 was published May 13, 2022
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion... Moderate Unreviewed
CVE-2017-11368 was published May 13, 2022
Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow... Moderate Unreviewed
CVE-2010-3411 was published May 13, 2022
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify... Moderate Unreviewed
CVE-2017-18252 was published May 13, 2022
There is a reachable assertion abort in the function write_long_string_missing_values() in data... Moderate Unreviewed
CVE-2019-9211 was published May 13, 2022
An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter... Moderate Unreviewed
CVE-2019-7697 was published May 13, 2022
An issue was discovered in JasPer 2.0.14. There is an access violation in the function... Moderate Unreviewed
CVE-2018-19539 was published May 13, 2022
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the... Moderate Unreviewed
CVE-2017-13658 was published May 13, 2022
JasPer 2.0.14 allows denial of service via a reachable assertion in the function... Moderate Unreviewed
CVE-2018-9252 was published May 13, 2022
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP... Moderate Unreviewed
CVE-2019-0003 was published May 13, 2022
A query with a specific set of characteristics could cause a server using DNS64 to encounter an... Moderate Unreviewed
CVE-2017-3136 was published May 13, 2022
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is... Moderate Unreviewed
CVE-2015-8745 was published May 13, 2022
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function... Moderate Unreviewed
CVE-2019-6461 was published May 13, 2022
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound... Moderate Unreviewed
CVE-2017-15371 was published May 13, 2022
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting... Moderate Unreviewed
CVE-2018-17204 was published May 13, 2022
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17.... Moderate Unreviewed
CVE-2018-20217 was published May 13, 2022
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel... Moderate Unreviewed
CVE-2022-29977 was published May 12, 2022
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG... Moderate Unreviewed
CVE-2006-6811 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database