GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,477
Composer 3,978
Erlang 29
GitHub Actions 16
Go 1,768
Maven 4,991
npm 3,537
NuGet 616
pip 3,107
Pub 10
RubyGems 837
Rust 786
Swift 34

Unreviewed advisories

All unreviewed 222,593

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

22,038 advisories

Filter by severity

Sort by

Least recently updated

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c... Critical Unreviewed

CVE-2017-12986 was published May 13, 2022

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). Critical Unreviewed

CVE-2017-13051 was published May 13, 2022

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). Critical Unreviewed

CVE-2017-13047 was published May 13, 2022

The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print(). Critical Unreviewed

CVE-2017-13689 was published May 13, 2022

The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c... Critical Unreviewed

CVE-2017-13050 was published May 13, 2022

The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several... Critical Unreviewed

CVE-2017-13690 was published May 13, 2022

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c... Critical Unreviewed

CVE-2017-13035 was published May 13, 2022

The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). Critical Unreviewed

CVE-2017-12996 was published May 13, 2022

In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a... Critical Unreviewed

CVE-2017-13208 was published May 13, 2022

In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018... Critical Unreviewed

CVE-2017-13889 was published May 13, 2022

Xpress Server in SAP POS does not require authentication for file read and erase operations,... Critical Unreviewed

CVE-2017-15293 was published May 13, 2022

An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01... Critical Unreviewed

CVE-2017-14243 was published May 13, 2022

An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone)... Critical Unreviewed

CVE-2017-14097 was published May 13, 2022

ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1... Critical Unreviewed

CVE-2017-14698 was published May 13, 2022

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can... Critical Unreviewed

CVE-2017-14189 was published May 13, 2022

The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by... Critical Unreviewed

CVE-2017-14487 was published May 13, 2022

The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV.... Critical Unreviewed

CVE-2017-14429 was published May 13, 2022

register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not... Critical Unreviewed

CVE-2017-14417 was published May 13, 2022

ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because... Critical Unreviewed

CVE-2017-14138 was published May 13, 2022

EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow... Critical Unreviewed

CVE-2017-14378 was published May 13, 2022

An authentication bypass exists in the E-Sic 1.0 /index (aka login) URI via '=''or' values for... Critical Unreviewed

CVE-2017-15379 was published May 13, 2022

Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache)... Critical Unreviewed

CVE-2017-15366 was published May 13, 2022

Bamboo did not check that the name of a branch in a Mercurial repository contained argument... Critical Unreviewed

CVE-2017-14590 was published May 13, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... Critical Unreviewed

CVE-2017-14907 was published May 13, 2022

v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key... Critical Unreviewed

CVE-2017-16920 was published May 13, 2022

Previous 1 2 … 394 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

22,038 advisories