Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

142 advisories

Loading
Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data... High Unreviewed
CVE-2017-15268 was published May 13, 2022
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. High Unreviewed
CVE-2017-15033 was published May 13, 2022
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is... High Unreviewed
CVE-2017-14495 was published May 13, 2022
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage... High Unreviewed
CVE-2017-14684 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was... High Unreviewed
CVE-2017-15189 was published May 13, 2022
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function... High Unreviewed
CVE-2017-14325 was published May 13, 2022
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base... High Unreviewed
CVE-2017-13748 was published May 13, 2022
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4... High Unreviewed
CVE-2015-7701 was published May 13, 2022
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c. High Unreviewed
CVE-2017-12644 was published May 13, 2022
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c,... High Unreviewed
CVE-2017-12418 was published May 13, 2022
The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a... High Unreviewed
CVE-2017-5997 was published May 13, 2022
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint... High Unreviewed
CVE-2025-22891 was published Feb 5, 2025
This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS... High Unreviewed
CVE-2025-24120 was published Jan 28, 2025
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL... High Unreviewed
CVE-2019-3821 was published May 13, 2022
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated... High Unreviewed
CVE-2023-1150 was published Jun 26, 2023
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to... High Unreviewed
CVE-2023-36533 was published Aug 8, 2023
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,... High Unreviewed
CVE-2024-39562 was published Jul 11, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and... High Unreviewed
CVE-2018-0158 was published May 13, 2022
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in... High Unreviewed
CVE-2024-35821 was published May 17, 2024
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption)... High Unreviewed
CVE-2019-18214 was published May 24, 2022
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls... High Unreviewed
CVE-2018-21028 was published May 24, 2022
A failure to free memory can occur when processing messages having a specific combination of EDNS... High Unreviewed
CVE-2018-5744 was published May 24, 2022
Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists. High Unreviewed
CVE-2019-17183 was published May 24, 2022
A service worker can send the activate event on itself periodically which allows it to run... High Unreviewed
CVE-2018-5179 was published May 24, 2022
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which... High Unreviewed
CVE-2010-4657 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database