GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
3,208 advisories
This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-9963 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-9978 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-9976 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-9971 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-9950 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-9973 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-9972 was published May 13, 2022

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function...
Moderate | Unreviewed | CVE-2018-18025 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-10479 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-10475 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-10478 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-10476 was published May 13, 2022

The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows...
Moderate | Unreviewed | CVE-2017-9130 was published May 13, 2022

libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial...
Moderate | Unreviewed | CVE-2011-3970 was published May 13, 2022

The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to...
Moderate | Unreviewed | CVE-2016-3183 was published May 13, 2022

The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest...
Moderate | Unreviewed | CVE-2017-18030 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-17699 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-17686 was published May 13, 2022

This vulnerability allows remote attackers to disclose sensitive information on vulnerable...
Moderate | Unreviewed | CVE-2018-17622 was published May 13, 2022

The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers...
Moderate | Unreviewed | CVE-2017-5504 was published May 13, 2022

JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read...
Moderate | Unreviewed | CVE-2017-9782 was published May 13, 2022

jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
Moderate | Unreviewed | CVE-2018-20570 was published May 13, 2022

The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers...
Moderate | Unreviewed | CVE-2017-9125 was published May 13, 2022

The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers...
Moderate | Unreviewed | CVE-2017-9123 was published May 13, 2022

The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote...
Moderate | Unreviewed | CVE-2017-9128 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.