Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,041 advisories

Loading
Django DoS in django.views.static.serve High
CVE-2015-0221 was published for Django (pip) May 17, 2022
sunSUNQ
Credited to sunSUNQ
The "process-execute" and "process-spawn" procedures did not free memory correctly when the... High Unreviewed
CVE-2016-6831 was published May 17, 2022
Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the... High Unreviewed
CVE-2017-5351 was published May 17, 2022
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions... High Unreviewed
CVE-2016-9367 was published May 17, 2022
Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows... High Unreviewed
CVE-2016-10047 was published May 17, 2022
The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS... High Unreviewed
CVE-2016-2224 was published May 17, 2022
The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote... High Unreviewed
CVE-2016-2225 was published May 17, 2022
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00,... Moderate Unreviewed
CVE-2016-8780 was published May 17, 2022
A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow... High Unreviewed
CVE-2017-7285 was published May 17, 2022
mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a... High Unreviewed
CVE-2016-3104 was published May 17, 2022
ws-xmlrpc DoS Vulnerability Moderate
CVE-2016-5004 was published for org.apache.xmlrpc:xmlrpc-common (Maven) May 17, 2022
The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28... Moderate Unreviewed
CVE-2017-9129 was published May 17, 2022
The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory... High Unreviewed
CVE-2016-9643 was published May 17, 2022
kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion in the router resulting in DoS High Unreviewed
CVE-2017-1000064 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. The issue... High Unreviewed
CVE-2017-7007 was published May 17, 2022
The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red... Moderate Unreviewed
CVE-2016-6312 was published May 17, 2022
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1... High Unreviewed
CVE-2017-11526 was published May 17, 2022
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1... High Unreviewed
CVE-2017-11530 was published May 17, 2022
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1... High Unreviewed
CVE-2017-11527 was published May 17, 2022
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1... Moderate Unreviewed
CVE-2017-9259 was published May 17, 2022
An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware... High Unreviewed
CVE-2017-6019 was published May 17, 2022
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a... High Unreviewed
CVE-2015-2312 was published May 17, 2022
Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the... High Unreviewed
CVE-2015-2313 was published May 17, 2022
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to... Moderate Unreviewed
CVE-2014-3328 was published May 17, 2022
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology... Moderate Unreviewed
CVE-2017-12076 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database