Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,018 advisories

Loading
The lexer_process_char_literal function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0... High Unreviewed
CVE-2017-9250 was published May 13, 2022
PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer... High Unreviewed
CVE-2015-4054 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was... High Unreviewed
CVE-2019-10901 was published May 13, 2022
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not... High Unreviewed
CVE-2018-1094 was published May 13, 2022
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a... High Unreviewed
CVE-2016-7132 was published May 13, 2022
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a... High Unreviewed
CVE-2016-7131 was published May 13, 2022
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed... High Unreviewed
CVE-2017-1000050 was published May 13, 2022
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003... High Unreviewed
CVE-2011-1229 was published May 13, 2022
SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer... High Unreviewed
CVE-2016-9562 was published May 13, 2022
A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4... High Unreviewed
CVE-2017-7659 was published May 13, 2022
A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger... High Unreviewed
CVE-2017-9631 was published May 13, 2022
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer... High Unreviewed
CVE-2018-14613 was published May 13, 2022
In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header... High Unreviewed
CVE-2017-18189 was published May 13, 2022
The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4... High Unreviewed
CVE-2016-10087 was published May 13, 2022
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer... High Unreviewed
CVE-2017-10790 was published May 13, 2022
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement... High Unreviewed
CVE-2018-8740 was published May 13, 2022
pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing... High Unreviewed
CVE-2019-9923 was published May 13, 2022
The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle... High Unreviewed
CVE-2012-1097 was published May 13, 2022
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X;... High Unreviewed
CVE-2012-2039 was published May 13, 2022
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer... High Unreviewed
CVE-2016-10708 was published May 13, 2022
In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vulnerability was found in... High Unreviewed
CVE-2017-7655 was published May 13, 2022
os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to... High Unreviewed
CVE-2016-4450 was published May 13, 2022
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a... High Unreviewed
CVE-2016-0742 was published May 13, 2022
systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash)... High Unreviewed
CVE-2017-9217 was published May 13, 2022
dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2016-5041 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database