Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

306 advisories

Loading
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing... Moderate Unreviewed
CVE-2020-27618 was published May 24, 2022
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a... Moderate Unreviewed
CVE-2015-5239 was published May 24, 2022
FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers... Moderate Unreviewed
CVE-2005-0851 was published May 1, 2022
aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2005-2224 was published May 1, 2022
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an... Moderate Unreviewed
CVE-2022-20476 was published Dec 13, 2022
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end... Moderate Unreviewed
CVE-2021-42715 was published May 24, 2022
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2010-1282 was published May 2, 2022
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite... Moderate Unreviewed
CVE-2012-0248 was published May 4, 2022
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local... Moderate Unreviewed
CVE-2015-8785 was published May 13, 2022
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which... Moderate Unreviewed
CVE-2018-20482 was published May 13, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the... Moderate Unreviewed
CVE-2018-5650 was published May 13, 2022
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and... Moderate Unreviewed
CVE-2018-20467 was published May 13, 2022
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function... Moderate Unreviewed
CVE-2019-6462 was published May 13, 2022
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows... Moderate Unreviewed
CVE-2018-19840 was published May 13, 2022
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload... Moderate Unreviewed
CVE-2017-14058 was published May 13, 2022
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A... Moderate Unreviewed
CVE-2020-25641 was published May 24, 2022
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is... Moderate Unreviewed
CVE-2016-9776 was published May 13, 2022
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid... Moderate Unreviewed
CVE-2019-3819 was published May 13, 2022
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS... Moderate Unreviewed
CVE-2016-7909 was published May 13, 2022
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2018-14567 was published May 13, 2022
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause... Moderate Unreviewed
CVE-2017-8112 was published May 13, 2022
Infinite loop in Apache Tika Moderate
CVE-2021-28657 was published for org.apache.tika:tika (Maven) May 10, 2021
Infinite loop in Apache MINA Moderate
CVE-2021-41973 was published for org.apache.mina:mina-core (Maven) Nov 3, 2021
aikebah
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0... Moderate Unreviewed
CVE-2019-1000020 was published May 13, 2022
Improper Handling of Missing Values in kaml Moderate
CVE-2021-39194 was published for com.charleskorn.kaml:kaml (Maven) Sep 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database