GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12,667 advisories
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8...
High · Unreviewed · CVE-2016-10050 was published May 13, 2022

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6...
High · Unreviewed · CVE-2016-10052 was published May 13, 2022

Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8...
High · Unreviewed · CVE-2016-10054 was published May 13, 2022

Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8...
High · Unreviewed · CVE-2016-10056 was published May 13, 2022

Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8...
High · Unreviewed · CVE-2016-10055 was published May 13, 2022

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows...
High · Unreviewed · CVE-2016-10049 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical · Unreviewed · CVE-2016-4610 was published May 13, 2022

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud...
Critical · Unreviewed · CVE-2016-4608 was published May 13, 2022

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP...
High · Unreviewed · CVE-2012-5958 was published May 13, 2022

In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.
Critical · Unreviewed · CVE-2017-18206 was published May 13, 2022

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete...
High · Unreviewed · CVE-2018-1083 was published May 13, 2022

Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the...
Critical · Unreviewed · CVE-2017-14632 was published May 13, 2022

The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local...
High · Unreviewed · CVE-2017-16995 was published May 13, 2022

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have...
Critical · Unreviewed · CVE-2016-2090 was published May 13, 2022

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to...
Moderate · Unreviewed · CVE-2012-5669 was published May 13, 2022

Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType...
High · Unreviewed · CVE-2014-2240 was published May 13, 2022

FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow...
Critical · Unreviewed · CVE-2017-8287 was published May 13, 2022

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to...
Moderate · Unreviewed · CVE-2012-5670 was published May 13, 2022

Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier...
Moderate · Unreviewed · CVE-2010-3814 was published May 13, 2022

FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL...
Moderate · Unreviewed · CVE-2012-5668 was published May 13, 2022

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows...
High · Unreviewed · CVE-2012-1142 was published May 13, 2022

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows...
High · Unreviewed · CVE-2012-1141 was published May 13, 2022

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows...
High · Unreviewed · CVE-2012-1144 was published May 13, 2022

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows...
High · Unreviewed · CVE-2012-1138 was published May 13, 2022

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows...
High · Unreviewed · CVE-2012-1140 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.