GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,321 advisories
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow...
Moderate | Unreviewed | CVE-2018-20455 was published May 13, 2022

LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.
Moderate | Unreviewed | CVE-2018-20365 was published May 13, 2022

In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the...
Moderate | Unreviewed | CVE-2018-20184 was published May 13, 2022

There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3,...
Moderate | Unreviewed | CVE-2018-18826 was published May 13, 2022

There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3,...
Moderate | Unreviewed | CVE-2018-18828 was published May 13, 2022

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in...
Moderate | Unreviewed | CVE-2018-17439 was published May 13, 2022

Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2018-17230 was published May 13, 2022

A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3...
Moderate | Unreviewed | CVE-2018-17433 was published May 13, 2022

Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2018-17229 was published May 13, 2022

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use...
Moderate | Unreviewed | CVE-2018-16542 was published May 13, 2022

A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to...
Moderate | Unreviewed | CVE-2018-16066 was published May 13, 2022

A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to...
Moderate | Unreviewed | CVE-2018-16067 was published May 13, 2022

In radare2 before 2.9.0, a heap overflow vulnerability exists in the...
Moderate | Unreviewed | CVE-2018-15834 was published May 13, 2022

An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A...
Moderate | Unreviewed | CVE-2018-13095 was published May 13, 2022

Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5...
Moderate | Unreviewed | CVE-2018-12693 was published May 13, 2022

Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable...
Moderate | Unreviewed | CVE-2018-12181 was published May 13, 2022

An information disclosure vulnerability exists in the way that the scripting engine handles...
Moderate | Unreviewed | CVE-2018-0981 was published May 13, 2022

An information disclosure vulnerability exists in the way that the scripting engine handles...
Moderate | Unreviewed | CVE-2018-1000 was published May 13, 2022

An information disclosure vulnerability exists in the way that the scripting engine handles...
Moderate | Unreviewed | CVE-2018-0989 was published May 13, 2022

ChakraCore information disclosure vulnerability
Moderate | CVE-2018-0939 was published for Microsoft.ChakraCore (NuGet) May 13, 2022

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows...
Moderate | Unreviewed | CVE-2018-0847 was published May 13, 2022

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation...
Moderate | Unreviewed | CVE-2015-5158 was published May 13, 2022

Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI...
Moderate | Unreviewed | CVE-2015-8613 was published May 13, 2022

The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers...
Moderate | Unreviewed | CVE-2017-5503 was published May 13, 2022

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap...
Moderate | Unreviewed | CVE-2018-7519 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.