GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,316 advisories
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through...
High, Unreviewed, CVE-2017-8779 was published May 13, 2022

GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a...
Moderate, Unreviewed, CVE-2017-9039 was published May 13, 2022

An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The Plane function in image...
Moderate, Unreviewed, CVE-2018-10971 was published May 13, 2022

A stack exhaustion vulnerability in the search function of dtSearch 7.90.8538.1 and prior allows...
High, Unreviewed, CVE-2018-11488 was published May 13, 2022

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30,...
Moderate, Unreviewed, CVE-2018-13033 was published May 13, 2022

A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS...
High, Unreviewed, CVE-2018-15373 was published May 13, 2022

There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and...
Moderate, Unreviewed, CVE-2018-16645 was published May 13, 2022

An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4...
Moderate, Unreviewed, CVE-2018-20095 was published May 13, 2022

Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption)...
High, Unreviewed, CVE-2018-20421 was published May 13, 2022

An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in...
Moderate, Unreviewed, CVE-2018-20652 was published May 13, 2022

An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has...
Moderate, Unreviewed, CVE-2018-20659 was published May 13, 2022

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers...
Moderate, Unreviewed, CVE-2018-4868 was published May 13, 2022

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection...
Moderate, Unreviewed, CVE-2018-5296 was published May 13, 2022

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve...
Moderate, Unreviewed, CVE-2018-5783 was published May 13, 2022

WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long...
High, Unreviewed, CVE-2018-7582 was published May 13, 2022

VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to...
High, Unreviewed, CVE-2017-15124 was published May 14, 2022

Django Denial-of-service possibility with strip_tags
High, CVE-2015-2316 was published for Django (pip) May 14, 2022

Apache Tika vulnerable to uncontrolled memory consumption
Moderate, CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022

xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by ...
Moderate, Unreviewed, CVE-2022-30775 was published May 17, 2022

tar-split memory exhaustion
Moderate, CVE-2017-14992 was published for github.com/vbatts/tar-split (Go) May 17, 2022

Django denial of service via empty session record creation
Moderate, CVE-2015-5963 was published for Django (pip) May 17, 2022

Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers...
Moderate, Unreviewed, CVE-2008-5180 was published May 17, 2022

OpenStack Compute (Nova) Denial of service via a large number of calls to the addFixedIp function
High, CVE-2013-1838 was published for nova (pip) May 17, 2022

priority vulnerable to denial of service
Moderate, CVE-2016-6580 was published for priority (pip) May 17, 2022

OpenStack Glance Denial of service by creating a large number of images
High, CVE-2015-1881 was published for glance (pip) May 17, 2022