Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,110
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

309 advisories

Loading
The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent... Moderate Unreviewed
CVE-2017-6314 was published May 13, 2022
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0... Moderate Unreviewed
CVE-2017-6505 was published May 13, 2022
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest... Moderate Unreviewed
CVE-2017-5973 was published May 13, 2022
The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows... Moderate Unreviewed
CVE-2017-8054 was published May 13, 2022
PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted... Moderate Unreviewed
CVE-2017-8053 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9210 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9208 was published May 13, 2022
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion... Moderate Unreviewed
CVE-2017-9209 was published May 13, 2022
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability ... Moderate Unreviewed
CVE-2017-9461 was published May 13, 2022
QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest... Moderate Unreviewed
CVE-2017-9310 was published May 13, 2022
QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows... Moderate Unreviewed
CVE-2017-9330 was published May 13, 2022
QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local... Moderate Unreviewed
CVE-2017-9375 was published May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to... Moderate Unreviewed
CVE-2017-11624 was published May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to... Moderate Unreviewed
CVE-2017-11626 was published May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to... Moderate Unreviewed
CVE-2017-11625 was published May 13, 2022
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to... Moderate Unreviewed
CVE-2017-11627 was published May 13, 2022
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-7850 was published May 13, 2022
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers... Moderate Unreviewed
CVE-2017-14741 was published May 13, 2022
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed
CVE-2017-14933 was published May 13, 2022
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed
CVE-2017-14932 was published May 13, 2022
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd),... Moderate Unreviewed
CVE-2017-15024 was published May 13, 2022
Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote... Moderate Unreviewed
CVE-2017-15223 was published May 13, 2022
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw... Moderate Unreviewed
CVE-2020-29385 was published May 24, 2022
In FRRouting (FRR) through 9.1, an infinite loop can occur when receiving a MP/GR capability as a... Moderate Unreviewed
CVE-2024-31949 was published Apr 7, 2024
In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking... Moderate Unreviewed
CVE-2024-50272 was published Nov 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database