GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90 advisories
Filter by severity
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization...
High
Unreviewed
CVE-2021-40401
was published
Feb 10, 2022
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user...
Moderate
Unreviewed
CVE-2021-0107
was published
Feb 11, 2022
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly...
Critical
Unreviewed
CVE-2022-23806
was published
Feb 12, 2022
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that...
Moderate
Unreviewed
CVE-2021-42780
was published
Apr 19, 2022
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the...
Critical
Unreviewed
CVE-1999-0199
was published
Apr 21, 2022
In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during...
Moderate
Unreviewed
CVE-2021-41041
was published
Apr 28, 2022
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return...
Moderate
Unreviewed
CVE-2002-1372
was published
Apr 30, 2022
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional...
High
Unreviewed
CVE-2005-4360
was published
May 1, 2022
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote...
Moderate
Unreviewed
CVE-2007-3798
was published
May 1, 2022
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the...
High
Unreviewed
CVE-2007-5191
was published
May 1, 2022
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value...
Moderate
Unreviewed
CVE-2009-0265
was published
May 2, 2022
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a...
Moderate
Unreviewed
CVE-2010-0211
was published
May 2, 2022
Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged...
Moderate
Unreviewed
CVE-2021-0155
was published
May 13, 2022
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the...
Moderate
Unreviewed
CVE-2016-10061
was published
May 13, 2022
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not...
Moderate
Unreviewed
CVE-2016-10060
was published
May 13, 2022
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The...
High
Unreviewed
CVE-2018-14622
was published
May 13, 2022
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders...
Moderate
Unreviewed
CVE-2018-16643
was published
May 13, 2022
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet...
High
Unreviewed
CVE-2019-10902
was published
May 13, 2022
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not...
High
Unreviewed
CVE-2018-20216
was published
May 13, 2022
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was...
High
Unreviewed
CVE-2018-14367
was published
May 13, 2022
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to...
High
Unreviewed
CVE-2017-0599
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android....
High
Unreviewed
CVE-2017-0720
was published
May 13, 2022
A denial of service vulnerability in the Android media framework (libstagefright). Product:...
High
Unreviewed
CVE-2017-0774
was published
May 13, 2022
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the...
High
Unreviewed
CVE-2017-6964
was published
May 13, 2022
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in...
High
Unreviewed
CVE-2019-15942
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API