GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
585 advisories
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause...
High | Unreviewed | CVE-2017-12691 was published May 13, 2022
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a...
High | Unreviewed | CVE-2017-12875 was published May 13, 2022
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause...
High | Unreviewed | CVE-2017-12693 was published May 13, 2022
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage...
High | Unreviewed | CVE-2017-12435 was published May 13, 2022
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email...
High | Unreviewed | CVE-2018-15460 was published May 13, 2022
Docker Registry has Allocation of Resources Without Limits or Throttling
High | CVE-2017-11468 was published for github.com/docker/distribution (Go) May 13, 2022
Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption...
High | Unreviewed | CVE-2019-0031 was published May 13, 2022
A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND)...
High | Unreviewed | CVE-2019-1644 was published May 13, 2022
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated,...
High | Unreviewed | CVE-2019-1599 was published May 13, 2022
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
High | Unreviewed | CVE-2017-12643 was published May 13, 2022
Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js...
High | Unreviewed | CVE-2019-5739 was published May 13, 2022
In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before...
High | Unreviewed | CVE-2019-5737 was published May 13, 2022
An allocation of memory without limits, that could result in the stack clashing with another...
High | Unreviewed | CVE-2018-16864 was published May 13, 2022
An allocation of memory without limits, that could result in the stack clashing with another...
High | Unreviewed | CVE-2018-16865 was published May 13, 2022
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers,...
High | Unreviewed | CVE-2019-10953 was published May 13, 2022
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack...
High | Unreviewed | CVE-2016-4074 was published May 13, 2022
A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS...
High | Unreviewed | CVE-2019-1737 was published May 13, 2022
Denial of service in Spring Framework
High | CVE-2022-22970 was published for org.springframework:spring-beans (Maven) May 13, 2022
An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6,...
High | Unreviewed | CVE-2022-1510 was published May 12, 2022
Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack...
High | Unreviewed | CVE-2022-28556 was published May 5, 2022
A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD...
High | Unreviewed | CVE-2022-20751 was published May 4, 2022
A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD)...
High | Unreviewed | CVE-2022-20767 was published May 4, 2022
A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD)...
High | Unreviewed | CVE-2022-20757 was published May 4, 2022
The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0...
High | Unreviewed | CVE-2009-2726 was published May 2, 2022
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6...
High | Unreviewed | CVE-2009-2054 was published May 2, 2022