Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

547 advisories

Loading
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker... High Unreviewed
CVE-2017-3139 was published May 13, 2022
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function... Moderate Unreviewed
CVE-2019-6461 was published May 13, 2022
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a... High Unreviewed
CVE-2016-9399 was published May 13, 2022
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to... High Unreviewed
CVE-2016-9398 was published May 13, 2022
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a... High Unreviewed
CVE-2016-9397 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297... High Unreviewed
CVE-2017-13746 was published May 13, 2022
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer... High Unreviewed
CVE-2017-13747 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296... High Unreviewed
CVE-2017-13750 was published May 13, 2022
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in... High Unreviewed
CVE-2017-13749 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer... High Unreviewed
CVE-2017-13752 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in... High Unreviewed
CVE-2017-13745 was published May 13, 2022
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2... High Unreviewed
CVE-2017-13751 was published May 13, 2022
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an... High Unreviewed
CVE-2018-15822 was published May 13, 2022
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is... Moderate Unreviewed
CVE-2015-8745 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This... High Unreviewed
CVE-2019-10894 was published May 13, 2022
A query with a specific set of characteristics could cause a server using DNS64 to encounter an... Moderate Unreviewed
CVE-2017-3136 was published May 13, 2022
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP... Moderate Unreviewed
CVE-2019-0003 was published May 13, 2022
JasPer 2.0.14 allows denial of service via a reachable assertion in the function... Moderate Unreviewed
CVE-2018-9252 was published May 13, 2022
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the... Moderate Unreviewed
CVE-2017-13658 was published May 13, 2022
An issue was discovered in JasPer 2.0.14. There is an access violation in the function... Moderate Unreviewed
CVE-2018-19539 was published May 13, 2022
An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter... Moderate Unreviewed
CVE-2019-7697 was published May 13, 2022
There is a reachable assertion abort in the function write_long_string_missing_values() in data... Moderate Unreviewed
CVE-2019-9211 was published May 13, 2022
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify... Moderate Unreviewed
CVE-2017-18252 was published May 13, 2022
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1... High Unreviewed
CVE-2016-8864 was published May 13, 2022
Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow... Moderate Unreviewed
CVE-2010-3411 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database