Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,361
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,794
NuGet
685
pip
3,473
Pub
12
RubyGems
895
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

573 advisories

Loading
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the... Moderate Unreviewed
CVE-2018-5650 was published May 13, 2022
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest... Moderate Unreviewed
CVE-2017-5973 was published May 13, 2022
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-8910 was published May 13, 2022
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-8909 was published May 13, 2022
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class... High Unreviewed
CVE-2018-18070 was published May 13, 2022
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which... Moderate Unreviewed
CVE-2018-20482 was published May 13, 2022
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c... Moderate Unreviewed
CVE-2018-10289 was published May 13, 2022
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local... Moderate Unreviewed
CVE-2015-8785 was published May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0... High Unreviewed
CVE-2013-2789 was published May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC... High Unreviewed
CVE-2017-15908 was published May 13, 2022
The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause... High Unreviewed
CVE-2016-5042 was published May 13, 2022
Nokogiri gem, via libxml, is affected by DoS vulnerabilities High
CVE-2017-16932 was published for nokogiri (RubyGems) May 13, 2022
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8... High Unreviewed
CVE-2017-2909 was published May 13, 2022
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to... Moderate Unreviewed
CVE-2013-7488 was published May 5, 2022
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite... Moderate Unreviewed
CVE-2012-0248 was published May 4, 2022
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2010-1282 was published May 2, 2022
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows... Moderate Unreviewed
CVE-2009-2906 was published May 2, 2022
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2009-1270 was published May 2, 2022
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird... Moderate Unreviewed
CVE-2006-6499 was published May 1, 2022
aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2005-2224 was published May 1, 2022
FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers... Moderate Unreviewed
CVE-2005-0851 was published May 1, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the... Moderate Unreviewed
CVE-2018-5786 was published Apr 30, 2022
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU... Moderate Unreviewed
CVE-2004-0748 was published Apr 29, 2022
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote... Moderate Unreviewed
CVE-2004-0753 was published Apr 29, 2022
Manipulated inline images can cause Infinite Loop in PyPDF2 Moderate
CVE-2022-24859 was published for PyPDF2 (pip) Apr 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database