GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
68 advisories
Filter by severity
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1...
Moderate
Unreviewed
CVE-2019-12973
was published
May 24, 2022
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping...
High
Unreviewed
CVE-2021-4021
was published
Feb 25, 2022
In the Accounts package, there is a possible crash due to improper input validation. This could...
Moderate
Unreviewed
CVE-2019-9376
was published
May 24, 2022
Using the Location API in a loop could have caused severe application hangs and crashes. This...
Moderate
Unreviewed
CVE-2021-43545
was published
Dec 9, 2021
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and...
Moderate
Unreviewed
CVE-2020-14303
was published
May 24, 2022
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU"...
Moderate
Unreviewed
CVE-2021-28950
was published
May 24, 2022
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386...
High
Unreviewed
CVE-2021-3128
was published
May 24, 2022
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive...
High
Unreviewed
CVE-2021-23270
was published
May 24, 2022
In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL...
High
Unreviewed
CVE-2021-3125
was published
May 24, 2022
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow...
Moderate
Unreviewed
CVE-2022-0585
was published
Feb 19, 2022
Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet...
High
Unreviewed
CVE-2021-4190
was published
Dec 31, 2021
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows...
High
Unreviewed
CVE-2021-39924
was published
Nov 20, 2021
Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability....
Moderate
Unreviewed
CVE-2021-21565
was published
May 24, 2022
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e.,...
Moderate
Unreviewed
CVE-2019-9547
was published
May 13, 2022
In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of...
High
Unreviewed
CVE-2017-14171
was published
May 13, 2022
In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack...
High
Unreviewed
CVE-2017-14170
was published
May 13, 2022
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an...
High
Unreviewed
CVE-2017-14174
was published
May 13, 2022
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of...
High
Unreviewed
CVE-2017-14175
was published
May 13, 2022
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of...
High
Unreviewed
CVE-2017-14172
was published
May 13, 2022
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in...
High
Unreviewed
CVE-2017-12674
was published
May 13, 2022
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders...
High
Unreviewed
CVE-2017-17914
was published
May 13, 2022
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long...
Moderate
Unreviewed
CVE-2018-11507
was published
May 13, 2022
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop...
High
Unreviewed
CVE-2018-7323
was published
May 13, 2022
NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of...
High
Unreviewed
CVE-2021-39923
was published
Nov 20, 2021
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop...
High
Unreviewed
CVE-2018-7321
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API