Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

549 advisories

Loading
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. High Unreviewed
CVE-2018-12687 was published May 13, 2022
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. High Unreviewed
CVE-2018-12504 was published May 13, 2022
** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of... High Unreviewed
CVE-2018-17231 was published May 13, 2022
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14044 was published May 13, 2022
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14045 was published May 13, 2022
In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context... Moderate Unreviewed
CVE-2018-13304 was published May 13, 2022
In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function... Moderate Unreviewed
CVE-2017-9500 was published May 13, 2022
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo,... Moderate Unreviewed
CVE-2017-9501 was published May 13, 2022
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote... Moderate Unreviewed
CVE-2018-10963 was published May 13, 2022
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function... Moderate Unreviewed
CVE-2017-9499 was published May 13, 2022
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when... High Unreviewed
CVE-2017-7508 was published May 13, 2022
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet... Moderate Unreviewed
CVE-2017-7479 was published May 13, 2022
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp,... Moderate Unreviewed
CVE-2017-17722 was published May 13, 2022
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote... High Unreviewed
CVE-2017-17432 was published May 13, 2022
User process can perform the kernel DOS in ashmem when doing cache maintenance operation in all... Moderate Unreviewed
CVE-2017-18169 was published May 13, 2022
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data... Moderate Unreviewed
CVE-2017-13132 was published May 13, 2022
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage... Moderate Unreviewed
CVE-2017-12434 was published May 13, 2022
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of... High Unreviewed
CVE-2017-12960 was published May 13, 2022
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the... High Unreviewed
CVE-2017-12959 was published May 13, 2022
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0... Moderate Unreviewed
CVE-2017-11524 was published May 13, 2022
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed
CVE-2017-0376 was published May 13, 2022
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed
CVE-2017-0375 was published May 13, 2022
Mistaken assumptions about the ordering of records in the answer section of a response containing... High Unreviewed
CVE-2017-3137 was published May 13, 2022
named contains a feature which allows operators to issue commands to a running server by... Moderate Unreviewed
CVE-2017-3138 was published May 13, 2022
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode... High Unreviewed
CVE-2018-5734 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database