GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
809 advisories
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage...
High | Unreviewed | CVE-2017-12563 was published May 13, 2022

The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause...
High | Unreviewed | CVE-2017-12691 was published May 13, 2022

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage...
High | Unreviewed | CVE-2017-12429 was published May 13, 2022

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email...
High | Unreviewed | CVE-2018-15460 was published May 13, 2022

Docker Registry has Allocation of Resources Without Limits or Throttling
High | CVE-2017-11468 was published for github.com/docker/distribution (Go) May 13, 2022

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption...
High | Unreviewed | CVE-2019-0031 was published May 13, 2022

A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND)...
High | Unreviewed | CVE-2019-1644 was published May 13, 2022

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated,...
High | Unreviewed | CVE-2019-1599 was published May 13, 2022

ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
High | Unreviewed | CVE-2017-12643 was published May 13, 2022

Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js...
High | Unreviewed | CVE-2019-5739 was published May 13, 2022

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before...
High | Unreviewed | CVE-2019-5737 was published May 13, 2022

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache...
Moderate | Unreviewed | CVE-2011-0419 was published May 13, 2022

The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest...
Moderate | Unreviewed | CVE-2016-8576 was published May 13, 2022

Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services...
Moderate | Unreviewed | CVE-2019-0038 was published May 13, 2022

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform...
Moderate | Unreviewed | CVE-2019-0005 was published May 13, 2022

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service ...
Moderate | Unreviewed | CVE-2019-9705 was published May 13, 2022

A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated...
Moderate | Unreviewed | CVE-2018-14660 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate | Unreviewed | CVE-2019-9072 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate | Unreviewed | CVE-2019-9073 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate | Unreviewed | CVE-2019-9076 was published May 13, 2022

An allocation of memory without limits, that could result in the stack clashing with another...
High | Unreviewed | CVE-2018-16864 was published May 13, 2022

An allocation of memory without limits, that could result in the stack clashing with another...
High | Unreviewed | CVE-2018-16865 was published May 13, 2022

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers,...
High | Unreviewed | CVE-2019-10953 was published May 13, 2022

The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack...
High | Unreviewed | CVE-2016-4074 was published May 13, 2022

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS...
High | Unreviewed | CVE-2019-1737 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API