GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
67 advisories
Filter by severity
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop...
High
Unreviewed
CVE-2018-7323
was published
May 13, 2022
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long...
Moderate
Unreviewed
CVE-2018-11507
was published
May 13, 2022
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in...
High
Unreviewed
CVE-2017-12674
was published
May 13, 2022
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders...
High
Unreviewed
CVE-2017-17914
was published
May 13, 2022
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of...
High
Unreviewed
CVE-2017-14172
was published
May 13, 2022
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of...
High
Unreviewed
CVE-2017-14175
was published
May 13, 2022
The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator)...
Moderate
Unreviewed
CVE-2016-7421
was published
May 13, 2022
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an...
High
Unreviewed
CVE-2017-14174
was published
May 13, 2022
In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack...
High
Unreviewed
CVE-2017-14170
was published
May 13, 2022
In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of...
High
Unreviewed
CVE-2017-14171
was published
May 13, 2022
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e.,...
Moderate
Unreviewed
CVE-2019-9547
was published
May 13, 2022
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping...
High
Unreviewed
CVE-2021-4021
was published
Feb 25, 2022
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow...
Moderate
Unreviewed
CVE-2022-0585
was published
Feb 19, 2022
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet...
High
Unreviewed
CVE-2021-4190
was published
Dec 31, 2021
Using the Location API in a loop could have caused severe application hangs and crashes. This...
Moderate
Unreviewed
CVE-2021-43545
was published
Dec 9, 2021
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of...
High
Unreviewed
CVE-2021-39923
was published
Nov 20, 2021
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows...
High
Unreviewed
CVE-2021-39924
was published
Nov 20, 2021
ProTip!
Advisories are also available from the
GraphQL API