Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

471 advisories

Loading
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11... Moderate Unreviewed
CVE-2018-4113 was published May 13, 2022
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service ... High Unreviewed
CVE-2018-19963 was published May 13, 2022
** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of... High Unreviewed
CVE-2018-17231 was published May 13, 2022
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows... Moderate Unreviewed
CVE-2018-17096 was published May 13, 2022
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14044 was published May 13, 2022
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14045 was published May 13, 2022
In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context... Moderate Unreviewed
CVE-2018-13304 was published May 13, 2022
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. High Unreviewed
CVE-2018-12687 was published May 13, 2022
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. High Unreviewed
CVE-2018-12504 was published May 13, 2022
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote... Moderate Unreviewed
CVE-2018-10963 was published May 13, 2022
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo,... Moderate Unreviewed
CVE-2017-9501 was published May 13, 2022
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function... Moderate Unreviewed
CVE-2017-9499 was published May 13, 2022
In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function... Moderate Unreviewed
CVE-2017-9500 was published May 13, 2022
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of... High Unreviewed
CVE-2017-8915 was published May 13, 2022
The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted,... Moderate Unreviewed
CVE-2017-8372 was published May 13, 2022
aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow... High Unreviewed
CVE-2017-7605 was published May 13, 2022
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when... High Unreviewed
CVE-2017-7508 was published May 13, 2022
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet... Moderate Unreviewed
CVE-2017-7479 was published May 13, 2022
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (assertion... Moderate Unreviewed
CVE-2017-5981 was published May 13, 2022
User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all... Moderate Unreviewed
CVE-2017-18169 was published May 13, 2022
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp,... Moderate Unreviewed
CVE-2017-17722 was published May 13, 2022
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote... High Unreviewed
CVE-2017-17432 was published May 13, 2022
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial... Moderate Unreviewed
CVE-2017-16818 was published May 13, 2022
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG... Moderate Unreviewed
CVE-2017-14649 was published May 13, 2022
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0... Moderate Unreviewed
CVE-2017-13727 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database