Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

5,030 advisories

Loading
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments,... Moderate Unreviewed
CVE-2017-7613 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10... Moderate Unreviewed
CVE-2017-2479 was published May 14, 2022
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial... Moderate Unreviewed
CVE-2017-6463 was published May 14, 2022
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to... Moderate Unreviewed
CVE-2016-9394 was published May 14, 2022
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type... Moderate Unreviewed
CVE-2017-7606 was published May 17, 2022
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2017-6837 was published May 17, 2022
An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for... Moderate Unreviewed
CVE-2017-6955 was published May 13, 2022
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to... Moderate Unreviewed
CVE-2017-0887 was published May 13, 2022
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the ... Moderate Unreviewed
CVE-2017-0888 was published May 17, 2022
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote... Moderate Unreviewed
CVE-2017-0007 was published May 17, 2022
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users... Moderate Unreviewed
CVE-2017-6436 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10... Moderate Unreviewed
CVE-2017-2442 was published May 17, 2022
The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to... Moderate Unreviewed
CVE-2014-9645 was published May 14, 2022
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to... Moderate Unreviewed
CVE-2016-9390 was published May 14, 2022
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with... Moderate Unreviewed
CVE-2016-10228 was published May 13, 2022
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG... Moderate Unreviewed
CVE-2016-5240 was published May 14, 2022
IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object... Moderate Unreviewed
CVE-2016-9009 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue... Moderate Unreviewed
CVE-2017-2371 was published May 13, 2022
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3... Moderate Unreviewed
CVE-2016-8017 was published May 17, 2022
In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL... Moderate Unreviewed
CVE-2017-6815 was published May 14, 2022
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a... Moderate Unreviewed
CVE-2017-5606 was published May 13, 2022
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a... Moderate Unreviewed
CVE-2017-5592 was published May 13, 2022
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a... Moderate Unreviewed
CVE-2017-5593 was published May 17, 2022
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a... Moderate Unreviewed
CVE-2017-5603 was published May 17, 2022
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a... Moderate Unreviewed
CVE-2017-5589 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database