Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

441 advisories

Loading
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite... High Unreviewed
CVE-2017-11406 was published May 13, 2022
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0... Moderate Unreviewed
CVE-2017-11338 was published May 13, 2022
Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old... Moderate Unreviewed
CVE-2017-11171 was published May 13, 2022
The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote... High Unreviewed
CVE-2017-11118 was published May 13, 2022
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion... High Unreviewed
CVE-2017-10985 was published May 13, 2022
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()... High Unreviewed
CVE-2017-10986 was published May 13, 2022
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0... Moderate Unreviewed
CVE-2017-0685 was published May 13, 2022
An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to... High Unreviewed
CVE-2018-14621 was published May 13, 2022
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4... Moderate Unreviewed
CVE-2018-14629 was published May 13, 2022
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions... High Unreviewed
CVE-2018-1041 was published May 13, 2022
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in... High Unreviewed
CVE-2018-5381 was published May 13, 2022
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka... Moderate Unreviewed
CVE-2018-12154 was published May 13, 2022
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg... Moderate Unreviewed
CVE-2018-19777 was published May 13, 2022
** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to... High Unreviewed
CVE-2017-15871 was published May 13, 2022
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop. High Unreviewed
CVE-2018-11365 was published May 13, 2022
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the... Moderate Unreviewed
CVE-2018-5686 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector... High Unreviewed
CVE-2018-14368 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite... High Unreviewed
CVE-2018-19622 was published May 13, 2022
The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers... Moderate Unreviewed
CVE-2018-7751 was published May 13, 2022
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.... Moderate Unreviewed
CVE-2018-18701 was published May 13, 2022
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.... Moderate Unreviewed
CVE-2018-18700 was published May 13, 2022
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS... Moderate Unreviewed
CVE-2016-4453 was published May 13, 2022
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-7850 was published May 13, 2022
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote... Moderate Unreviewed
CVE-2017-18267 was published May 13, 2022
In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a... Moderate Unreviewed
CVE-2018-16646 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database