GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
226 advisories
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as...
Moderate
Unreviewed
CVE-2017-14933
was published
May 13, 2022
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as...
Moderate
Unreviewed
CVE-2017-14932
was published
May 13, 2022
In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in...
Moderate
Unreviewed
CVE-2017-13756
was published
May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to...
Moderate
Unreviewed
CVE-2017-11624
was published
May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to...
Moderate
Unreviewed
CVE-2017-11626
was published
May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to...
Moderate
Unreviewed
CVE-2017-11627
was published
May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to...
Moderate
Unreviewed
CVE-2017-11625
was published
May 13, 2022
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0...
Moderate
Unreviewed
CVE-2017-11338
was published
May 13, 2022
Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old...
Moderate
Unreviewed
CVE-2017-11171
was published
May 13, 2022
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0...
Moderate
Unreviewed
CVE-2017-0685
was published
May 13, 2022
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4...
Moderate
Unreviewed
CVE-2018-14629
was published
May 13, 2022
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka...
Moderate
Unreviewed
CVE-2018-12154
was published
May 13, 2022
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg...
Moderate
Unreviewed
CVE-2018-19777
was published
May 13, 2022
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the...
Moderate
Unreviewed
CVE-2018-5686
was published
May 13, 2022
The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers...
Moderate
Unreviewed
CVE-2018-7751
was published
May 13, 2022
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31....
Moderate
Unreviewed
CVE-2018-18701
was published
May 13, 2022
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31....
Moderate
Unreviewed
CVE-2018-18700
was published
May 13, 2022
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS...
Moderate
Unreviewed
CVE-2016-4453
was published
May 13, 2022
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to...
Moderate
Unreviewed
CVE-2015-7850
was published
May 13, 2022
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote...
Moderate
Unreviewed
CVE-2017-18267
was published
May 13, 2022
In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a...
Moderate
Unreviewed
CVE-2018-16646
was published
May 13, 2022
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization,...
Moderate
Unreviewed
CVE-2011-4621
was published
May 13, 2022
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to...
Moderate
Unreviewed
CVE-2015-8900
was published
May 13, 2022
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and...
Moderate
Unreviewed
CVE-2012-1186
was published
May 13, 2022
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows...
Moderate
Unreviewed
CVE-2015-8903
was published
May 13, 2022