GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,037 advisories
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service,...
High | Unreviewed | CVE-2019-4046 was published May 13, 2022

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially...
Moderate | Unreviewed | CVE-2019-6559 was published May 13, 2022

In libming 0.4.8, a memory exhaustion vulnerability was found in the function...
Moderate | Unreviewed | CVE-2018-7876 was published May 13, 2022

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31....
Moderate | Unreviewed | CVE-2018-17985 was published May 13, 2022

ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial...
High | Unreviewed | CVE-2018-19158 was published May 13, 2022

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to...
High | Unreviewed | CVE-2017-3144 was published May 13, 2022

Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported...
Moderate | Unreviewed | CVE-2013-5567 was published May 13, 2022

An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20....
Moderate | Unreviewed | CVE-2015-9253 was published May 13, 2022

Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote...
High | Unreviewed | CVE-2016-10724 was published May 13, 2022

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial...
High | Unreviewed | CVE-2018-12122 was published May 13, 2022

Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug...
High | Unreviewed | CVE-2018-7164 was published May 13, 2022

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with...
High | Unreviewed | CVE-2018-12121 was published May 13, 2022

Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2011-3954 was published May 13, 2022

Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2017-15298 was published May 13, 2022

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1...
High | Unreviewed | CVE-2010-4671 was published May 13, 2022

CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK...
High | Unreviewed | CVE-2010-4686 was published May 13, 2022

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators...
Moderate | Unreviewed | CVE-2016-4037 was published May 13, 2022

Google Chrome before 9.0.597.94 does not properly perform process termination upon memory...
High | Unreviewed | CVE-2011-0985 was published May 13, 2022

An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif...
High | Unreviewed | CVE-2018-20030 was published May 13, 2022

Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion...
High | Unreviewed | CVE-2016-6171 was published May 13, 2022

NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting...
High | Unreviewed | CVE-2016-7426 was published May 13, 2022

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0...
High | Unreviewed | CVE-2017-3857 was published May 13, 2022

** DISPUTED ** Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi...
Moderate | Unreviewed | CVE-2011-2906 was published May 13, 2022

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly...
Moderate | Unreviewed | CVE-2012-0879 was published May 13, 2022

The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event...
Moderate | Unreviewed | CVE-2011-2918 was published May 13, 2022