GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
160 advisories
Filter by severity
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in...
Moderate
Unreviewed
CVE-2018-9055
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11...
Moderate
Unreviewed
CVE-2018-4113
was published
May 13, 2022
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows...
Moderate
Unreviewed
CVE-2018-17096
was published
May 13, 2022
In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context...
Moderate
Unreviewed
CVE-2018-13304
was published
May 13, 2022
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote...
Moderate
Unreviewed
CVE-2018-10963
was published
May 13, 2022
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo,...
Moderate
Unreviewed
CVE-2017-9501
was published
May 13, 2022
In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function...
Moderate
Unreviewed
CVE-2017-9500
was published
May 13, 2022
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function...
Moderate
Unreviewed
CVE-2017-9499
was published
May 13, 2022
The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted,...
Moderate
Unreviewed
CVE-2017-8372
was published
May 13, 2022
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet...
Moderate
Unreviewed
CVE-2017-7479
was published
May 13, 2022
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion...
Moderate
Unreviewed
CVE-2017-5981
was published
May 13, 2022
User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all...
Moderate
Unreviewed
CVE-2017-18169
was published
May 13, 2022
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp,...
Moderate
Unreviewed
CVE-2017-17722
was published
May 13, 2022
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial...
Moderate
Unreviewed
CVE-2017-16818
was published
May 13, 2022
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG...
Moderate
Unreviewed
CVE-2017-14649
was published
May 13, 2022
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8,...
Moderate
Unreviewed
CVE-2017-13726
was published
May 13, 2022
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0...
Moderate
Unreviewed
CVE-2017-13727
was published
May 13, 2022
The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split...
Moderate
Unreviewed
CVE-2017-13673
was published
May 13, 2022
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data...
Moderate
Unreviewed
CVE-2017-13132
was published
May 13, 2022
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage...
Moderate
Unreviewed
CVE-2017-12434
was published
May 13, 2022
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in...
Moderate
Unreviewed
CVE-2017-11683
was published
May 13, 2022
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0...
Moderate
Unreviewed
CVE-2017-11524
was published
May 13, 2022
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11...
Moderate
Unreviewed
CVE-2017-12168
was published
May 13, 2022
named contains a feature which allows operators to issue commands to a running server by...
Moderate
Unreviewed
CVE-2017-3138
was published
May 13, 2022
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion...
Moderate
Unreviewed
CVE-2017-11368
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API