Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

186 advisories

Loading
** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of... High Unreviewed
CVE-2018-17231 was published May 13, 2022
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14045 was published May 13, 2022
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14044 was published May 13, 2022
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. High Unreviewed
CVE-2018-12687 was published May 13, 2022
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. High Unreviewed
CVE-2018-12504 was published May 13, 2022
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of... High Unreviewed
CVE-2017-8915 was published May 13, 2022
aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow... High Unreviewed
CVE-2017-7605 was published May 13, 2022
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when... High Unreviewed
CVE-2017-7508 was published May 13, 2022
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote... High Unreviewed
CVE-2017-17432 was published May 13, 2022
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of... High Unreviewed
CVE-2017-12960 was published May 13, 2022
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the... High Unreviewed
CVE-2017-12959 was published May 13, 2022
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed
CVE-2017-0375 was published May 13, 2022
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed
CVE-2017-0376 was published May 13, 2022
Mistaken assumptions about the ordering of records in the answer section of a response containing... High Unreviewed
CVE-2017-3137 was published May 13, 2022
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an... High Unreviewed
CVE-2018-5737 was published May 13, 2022
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode... High Unreviewed
CVE-2018-5734 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7714 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7713 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7712 was published May 13, 2022
An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in... High Unreviewed
CVE-2019-7662 was published May 13, 2022
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote... High Unreviewed
CVE-2017-11692 was published May 13, 2022
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1... High Unreviewed
CVE-2016-8864 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This... High Unreviewed
CVE-2019-10894 was published May 13, 2022
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an... High Unreviewed
CVE-2018-15822 was published May 13, 2022
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2... High Unreviewed
CVE-2017-13751 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database