GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,123 advisories
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote...
Critical
Unreviewed
CVE-2017-11394 was published May 17, 2022
In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_info in...
Moderate
Unreviewed
CVE-2017-12143 was published May 17, 2022
In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_ftyp in...
Moderate
Unreviewed
CVE-2017-12145 was published May 17, 2022
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the...
High
Unreviewed
CVE-2016-2161 was published May 13, 2022
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map...
High
Unreviewed
CVE-2017-11638 was published May 14, 2022
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted...
Moderate
Unreviewed
CVE-2017-11613 was published May 14, 2022
Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before...
High
Unreviewed
CVE-2017-9457 was published May 17, 2022
Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0,...
High
Unreviewed
CVE-2017-11499 was published May 17, 2022
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77...
High
Unreviewed
CVE-2015-7703 was published May 13, 2022
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion...
Moderate
Unreviewed
CVE-2017-12670 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before...
Moderate
Unreviewed
CVE-2017-7064 was published May 14, 2022
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or...
High
Unreviewed
CVE-2017-11411 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was...
High
Unreviewed
CVE-2017-11408 was published May 14, 2022
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an...
High
Unreviewed
CVE-2017-11410 was published May 13, 2022
The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux...
Critical
Unreviewed
CVE-2017-9811 was published May 17, 2022
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-...
Critical
Unreviewed
CVE-2017-9788 was published May 13, 2022
iSmartAlarm cube devices allow Denial of Service. Sending a SYN flood on port 12345 will freeze...
High
Unreviewed
CVE-2017-7730 was published May 13, 2022
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the...
High
Unreviewed
CVE-2016-10397 was published May 14, 2022
scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names...
High
Unreviewed
CVE-2015-4035 was published May 14, 2022
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0...
Moderate
Unreviewed
CVE-2017-0689 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed...
High
Unreviewed
CVE-2017-11407 was published May 14, 2022
Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute...
Critical
Unreviewed
CVE-2017-11346 was published May 17, 2022
In LibTIFF 4.0.8, there is an assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array...
High
Unreviewed
CVE-2017-10688 was published May 14, 2022
OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated users to write report data...
High
Unreviewed
CVE-2014-8149 was published May 17, 2022
The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to...
High
Unreviewed
CVE-2017-11102 was published May 14, 2022