Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,395
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

414 advisories

Loading
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before... Moderate Unreviewed
CVE-2019-15165 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway... Moderate Unreviewed
CVE-2019-12714 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of... Moderate Unreviewed
CVE-2019-9516 was published May 24, 2022
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8... Moderate Unreviewed
CVE-2019-10163 was published May 24, 2022
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By... Moderate Unreviewed
CVE-2019-13954 was published May 24, 2022
** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of... Moderate Unreviewed
CVE-2019-13960 was published May 24, 2022
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an... Moderate Unreviewed
CVE-2019-13112 was published May 24, 2022
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of... Moderate Unreviewed
CVE-2019-3882 was published May 24, 2022
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers... Moderate Unreviewed
CVE-2008-5180 was published May 17, 2022
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by ... Moderate Unreviewed
CVE-2022-30775 was published May 17, 2022
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve... Moderate Unreviewed
CVE-2018-5783 was published May 13, 2022
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection... Moderate Unreviewed
CVE-2018-5296 was published May 13, 2022
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers... Moderate Unreviewed
CVE-2018-4868 was published May 13, 2022
An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has... Moderate Unreviewed
CVE-2018-20659 was published May 13, 2022
An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in... Moderate Unreviewed
CVE-2018-20652 was published May 13, 2022
An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4... Moderate Unreviewed
CVE-2018-20095 was published May 13, 2022
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and... Moderate Unreviewed
CVE-2018-16645 was published May 13, 2022
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30,... Moderate Unreviewed
CVE-2018-13033 was published May 13, 2022
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The Plane function in image... Moderate Unreviewed
CVE-2018-10971 was published May 13, 2022
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a... Moderate Unreviewed
CVE-2017-9039 was published May 13, 2022
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found... Moderate Unreviewed
CVE-2017-18219 was published May 13, 2022
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd),... Moderate Unreviewed
CVE-2017-14938 was published May 13, 2022
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS... Moderate Unreviewed
CVE-2017-12132 was published May 13, 2022
In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which... Moderate Unreviewed
CVE-2017-12144 was published May 13, 2022
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG... Moderate Unreviewed
CVE-2017-2587 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database