GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
306 advisories
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing...
Moderate | Unreviewed | CVE-2020-27618 was published May 24, 2022
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a...
Moderate | Unreviewed | CVE-2015-5239 was published May 24, 2022
FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers...
Moderate | Unreviewed | CVE-2005-0851 was published May 1, 2022
aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2005-2224 was published May 1, 2022
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an...
Moderate | Unreviewed | CVE-2022-20476 was published Dec 13, 2022
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end...
Moderate | Unreviewed | CVE-2021-42715 was published May 24, 2022
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2010-1282 was published May 2, 2022
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite...
Moderate | Unreviewed | CVE-2012-0248 was published May 4, 2022
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local...
Moderate | Unreviewed | CVE-2015-8785 was published May 13, 2022
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which...
Moderate | Unreviewed | CVE-2018-20482 was published May 13, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the...
Moderate | Unreviewed | CVE-2018-5650 was published May 13, 2022
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and...
Moderate | Unreviewed | CVE-2018-20467 was published May 13, 2022
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function...
Moderate | Unreviewed | CVE-2019-6462 was published May 13, 2022
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows...
Moderate | Unreviewed | CVE-2018-19840 was published May 13, 2022
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload...
Moderate | Unreviewed | CVE-2017-14058 was published May 13, 2022
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A...
Moderate | Unreviewed | CVE-2020-25641 was published May 24, 2022
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is...
Moderate | Unreviewed | CVE-2016-9776 was published May 13, 2022
A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid...
Moderate | Unreviewed | CVE-2019-3819 was published May 13, 2022
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS...
Moderate | Unreviewed | CVE-2016-7909 was published May 13, 2022
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2018-14567 was published May 13, 2022
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause...
Moderate | Unreviewed | CVE-2017-8112 was published May 13, 2022
Infinite loop in Apache Tika
Moderate | CVE-2021-28657 was published for org.apache.tika:tika (Maven) May 10, 2021
Infinite loop in Apache MINA
Moderate | CVE-2021-41973 was published for org.apache.mina:mina-core (Maven) Nov 3, 2021
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0...
Moderate | Unreviewed | CVE-2019-1000020 was published May 13, 2022
Improper Handling of Missing Values in kaml
Moderate | CVE-2021-39194 was published for com.charleskorn.kaml:kaml (Maven) Sep 7, 2021