GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
182 advisories
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h.
High, Unreviewed. CVE-2018-12504 was published May 13, 2022.
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of...
High, Unreviewed. CVE-2017-8915 was published May 13, 2022.
aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion failure, which might allow...
High, Unreviewed. CVE-2017-7605 was published May 13, 2022.
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when...
High, Unreviewed. CVE-2017-7508 was published May 13, 2022.
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote...
High, Unreviewed. CVE-2017-17432 was published May 13, 2022.
There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of...
High, Unreviewed. CVE-2017-12960 was published May 13, 2022.
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the...
High, Unreviewed. CVE-2017-12959 was published May 13, 2022.
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure...
High, Unreviewed. CVE-2017-0375 was published May 13, 2022.
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure...
High, Unreviewed. CVE-2017-0376 was published May 13, 2022.
Mistaken assumptions about the ordering of records in the answer section of a response containing...
High, Unreviewed. CVE-2017-3137 was published May 13, 2022.
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an...
High, Unreviewed. CVE-2018-5737 was published May 13, 2022.
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode...
High, Unreviewed. CVE-2018-5734 was published May 13, 2022.
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in...
High, Unreviewed. CVE-2018-7714 was published May 13, 2022.
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in...
High, Unreviewed. CVE-2018-7713 was published May 13, 2022.
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in...
High, Unreviewed. CVE-2018-7712 was published May 13, 2022.
An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in...
High, Unreviewed. CVE-2019-7662 was published May 13, 2022.
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote...
High, Unreviewed. CVE-2017-11692 was published May 13, 2022.
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1...
High, Unreviewed. CVE-2016-8864 was published May 13, 2022.
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This...
High, Unreviewed. CVE-2019-10894 was published May 13, 2022.
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an...
High, Unreviewed. CVE-2018-15822 was published May 13, 2022.
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2...
High, Unreviewed. CVE-2017-13751 was published May 13, 2022.
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in...
High, Unreviewed. CVE-2017-13745 was published May 13, 2022.
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer...
High, Unreviewed. CVE-2017-13752 was published May 13, 2022.
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296...
High, Unreviewed. CVE-2017-13750 was published May 13, 2022.
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer...
High, Unreviewed. CVE-2017-13747 was published May 13, 2022.