GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
495 advisories
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the...
Critical, Unreviewed
CVE-2018-11419 was published May 13, 2022
** DISPUTED ** TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse...
Critical, Unreviewed
CVE-2018-11210 was published May 13, 2022
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read...
Critical, Unreviewed
CVE-2018-1000301 was published May 13, 2022
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling...
Critical, Unreviewed
CVE-2018-1000122 was published May 13, 2022
In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer...
Critical, Unreviewed
CVE-2017-9264 was published May 13, 2022
In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow...
Critical, Unreviewed
CVE-2017-9265 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical, Unreviewed
CVE-2017-9193 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical, Unreviewed
CVE-2017-9195 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical, Unreviewed
CVE-2017-9166 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical, Unreviewed
CVE-2017-9171 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in...
Critical, Unreviewed
CVE-2017-9194 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical, Unreviewed
CVE-2017-9164 was published May 13, 2022
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in...
Critical, Unreviewed
CVE-2017-9117 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function...
Critical, Unreviewed
CVE-2017-9152 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical, Unreviewed
CVE-2017-9165 was published May 13, 2022
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect...
Critical, Unreviewed
CVE-2017-9058 was published May 13, 2022
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as...
Critical, Unreviewed
CVE-2017-7226 was published May 13, 2022
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing...
Critical, Unreviewed
CVE-2017-6969 was published May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon...
Critical, Unreviewed
CVE-2017-18130 was published May 13, 2022
An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the...
Critical, Unreviewed
CVE-2017-18212 was published May 13, 2022
In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 MDM9607, MDM9650, S820A,...
Critical, Unreviewed
CVE-2017-14910 was published May 13, 2022
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
Critical, Unreviewed
CVE-2017-13689 was published May 13, 2022
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several...
Critical, Unreviewed
CVE-2017-13690 was published May 13, 2022
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
Critical, Unreviewed
CVE-2017-13688 was published May 13, 2022
A remote code execution vulnerability in the Android system (bluetooth). Product: Android....
Critical, Unreviewed
CVE-2017-13160 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.