GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,983
Erlang: 29
GitHub Actions: 16
Go: 1,769
Maven: 4,994
npm: 3,540
NuGet: 616
pip: 3,113
Pub: 10
RubyGems: 838
Rust: 787
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
22,053 advisories
CVE-2017-13006 (Critical, Unreviewed; published May 13, 2022): The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
CVE-2017-13023 (Critical, Unreviewed; published May 13, 2022): The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c...
CVE-2017-13041 (Critical, Unreviewed; published May 13, 2022): The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c...
CVE-2017-13039 (Critical, Unreviewed; published May 13, 2022): The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several...
CVE-2017-14100 (Critical, Unreviewed; published May 13, 2022): In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified...
CVE-2017-1376 (Critical, Unreviewed; published May 13, 2022): A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and...
CVE-2017-13021 (Critical, Unreviewed; published May 13, 2022): The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
CVE-2017-13049 (Critical, Unreviewed; published May 13, 2022): The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
CVE-2017-12933 (Critical, Unreviewed; published May 13, 2022): The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x...
CVE-2017-13010 (Critical, Unreviewed; published May 13, 2022): The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
CVE-2017-13160 (Critical, Unreviewed; published May 13, 2022): A remote code execution vulnerability in the Android system (bluetooth). Product: Android....
CVE-2017-12986 (Critical, Unreviewed; published May 13, 2022): The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c...
CVE-2017-13019 (Critical, Unreviewed; published May 13, 2022): The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13018 (Critical, Unreviewed; published May 13, 2022): The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().
CVE-2017-13048 (Critical, Unreviewed; published May 13, 2022): The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2017-13053 (Critical, Unreviewed; published May 13, 2022): The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c...
CVE-2017-13055 (Critical, Unreviewed; published May 13, 2022): The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c...
CVE-2017-13038 (Critical, Unreviewed; published May 13, 2022): The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
CVE-2017-13001 (Critical, Unreviewed; published May 13, 2022): The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
CVE-2017-13016 (Critical, Unreviewed; published May 13, 2022): The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
CVE-2017-13043 (Critical, Unreviewed; published May 13, 2022): The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
CVE-2017-13046 (Critical, Unreviewed; published May 13, 2022): The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVE-2017-13054 (Critical, Unreviewed; published May 13, 2022): The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c...
CVE-2017-13035 (Critical, Unreviewed; published May 13, 2022): The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c...
CVE-2017-13051 (Critical, Unreviewed; published May 13, 2022): The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
ProTip! Advisories are also available from the GraphQL API.