Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

560 advisories

Loading
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite... Moderate Unreviewed
CVE-2016-1981 was published May 13, 2022
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18... High Unreviewed
CVE-2018-5813 was published May 13, 2022
QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest... Moderate Unreviewed
CVE-2017-9310 was published May 13, 2022
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload... Moderate Unreviewed
CVE-2017-14058 was published May 13, 2022
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows... Moderate Unreviewed
CVE-2018-19840 was published May 13, 2022
Loop with Unreachable Exit Condition in Netty High
CVE-2016-4970 was published for io.netty:netty-handler (Maven) May 13, 2022
sharonbz
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function... Moderate Unreviewed
CVE-2019-6462 was published May 13, 2022
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and... Moderate Unreviewed
CVE-2018-20467 was published May 13, 2022
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote... High Unreviewed
CVE-2017-16944 was published May 13, 2022
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows... Critical Unreviewed
CVE-2018-20784 was published May 13, 2022
Loop with Unreachable Exit Condition in Apache CXF Moderate
CVE-2014-3584 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 13, 2022
sunSUNQ SunBK201
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to... High Unreviewed
CVE-2017-13728 was published May 13, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the... Moderate Unreviewed
CVE-2018-5650 was published May 13, 2022
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest... Moderate Unreviewed
CVE-2017-5973 was published May 13, 2022
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-8909 was published May 13, 2022
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-8910 was published May 13, 2022
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class... High Unreviewed
CVE-2018-18070 was published May 13, 2022
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which... Moderate Unreviewed
CVE-2018-20482 was published May 13, 2022
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c... Moderate Unreviewed
CVE-2018-10289 was published May 13, 2022
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local... Moderate Unreviewed
CVE-2015-8785 was published May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0... High Unreviewed
CVE-2013-2789 was published May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC... High Unreviewed
CVE-2017-15908 was published May 13, 2022
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause... High Unreviewed
CVE-2016-5042 was published May 13, 2022
Nokogiri gem, via libxml, is affected by DoS vulnerabilities High
CVE-2017-16932 was published for nokogiri (RubyGems) May 13, 2022
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8... High Unreviewed
CVE-2017-2909 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database