Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,793
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,004
NuGet
720
pip
3,803
Pub
12
RubyGems
927
Rust
985
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

213 advisories

Loading
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via... High Unreviewed
CVE-2017-7478 was published May 17, 2022
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service ... High Unreviewed
CVE-2018-19963 was published May 13, 2022
** DISPUTED ** Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of... High Unreviewed
CVE-2018-17231 was published May 13, 2022
The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14044 was published May 13, 2022
The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli... High Unreviewed
CVE-2018-14045 was published May 13, 2022
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. High Unreviewed
CVE-2018-12687 was published May 13, 2022
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. High Unreviewed
CVE-2018-12504 was published May 13, 2022
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of... High Unreviewed
CVE-2017-8915 was published May 13, 2022
aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow... High Unreviewed
CVE-2017-7605 was published May 13, 2022
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when... High Unreviewed
CVE-2017-7508 was published May 13, 2022
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote... High Unreviewed
CVE-2017-17432 was published May 13, 2022
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of... High Unreviewed
CVE-2017-12960 was published May 13, 2022
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the... High Unreviewed
CVE-2017-12959 was published May 13, 2022
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed
CVE-2017-0376 was published May 13, 2022
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed
CVE-2017-0375 was published May 13, 2022
Mistaken assumptions about the ordering of records in the answer section of a response containing... High Unreviewed
CVE-2017-3137 was published May 13, 2022
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode... High Unreviewed
CVE-2018-5734 was published May 13, 2022
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an... High Unreviewed
CVE-2018-5737 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7713 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7714 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7712 was published May 13, 2022
An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in... High Unreviewed
CVE-2019-7662 was published May 13, 2022
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote... High Unreviewed
CVE-2017-11692 was published May 13, 2022
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1... High Unreviewed
CVE-2016-8864 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This... High Unreviewed
CVE-2019-10894 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database