GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,988
Maven: 5,000+
npm: 3,704
NuGet: 661
pip: 3,332
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
5,729 advisories

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2017-9814 was published May 13, 2022

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the...
High | Unreviewed | CVE-2019-3823 was published May 13, 2022

Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted...
Moderate | Unreviewed | CVE-2014-3675 was published May 13, 2022

Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to...
Critical | Unreviewed | CVE-2016-6520 was published May 13, 2022

The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to...
Moderate | Unreviewed | CVE-2016-3178 was published May 13, 2022

The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service...
Moderate | Unreviewed | CVE-2016-7101 was published May 13, 2022

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2016-5842 was published May 13, 2022

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an...
Moderate | Unreviewed | CVE-2017-13769 was published May 13, 2022

LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access...
Moderate | Unreviewed | CVE-2019-10714 was published May 13, 2022

ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over...
Moderate | Unreviewed | CVE-2017-17504 was published May 13, 2022

MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2016-7799 was published May 13, 2022

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel...
Moderate | Unreviewed | CVE-2017-8831 was published May 13, 2022

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to...
High | Unreviewed | CVE-2018-1303 was published May 13, 2022

Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a...
High | Unreviewed | CVE-2017-7483 was published May 13, 2022

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote...
Moderate | Unreviewed | CVE-2016-2518 was published May 13, 2022

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder,...
Critical | Unreviewed | CVE-2019-8280 was published May 13, 2022

UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder...
Critical | Unreviewed | CVE-2019-8264 was published May 13, 2022

UltraVNC revision 1199 has an out-of-bounds read vulnerability in VNC code inside client CoRRE...
Critical | Unreviewed | CVE-2019-8261 was published May 13, 2022

UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper...
Critical | Unreviewed | CVE-2019-8265 was published May 13, 2022

UltraVNC revision 1199 has an out-of-bounds read vulnerability in VNC client RRE decoder code,...
Critical | Unreviewed | CVE-2019-8260 was published May 13, 2022

idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information...
High | Unreviewed | CVE-2015-8948 was published May 13, 2022

idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by...
High | Unreviewed | CVE-2016-6262 was published May 13, 2022

The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context...
High | Unreviewed | CVE-2016-6263 was published May 13, 2022

The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent...
High | Unreviewed | CVE-2016-6261 was published May 13, 2022

The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before...
High | Unreviewed | CVE-2017-6004 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.