Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,111
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

261 advisories

Loading
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a... Moderate Unreviewed
CVE-2015-5239 was published May 24, 2022
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a... Moderate Unreviewed
CVE-2015-5278 was published May 24, 2022
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource... Moderate Unreviewed
CVE-2020-1600 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality... Moderate Unreviewed
CVE-2019-5091 was published May 24, 2022
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or... Moderate Unreviewed
CVE-2019-18180 was published May 24, 2022
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid... Moderate Unreviewed
CVE-2019-19451 was published May 24, 2022
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of... Moderate Unreviewed
CVE-2019-17349 was published May 24, 2022
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of... Moderate Unreviewed
CVE-2019-17350 was published May 24, 2022
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service... Moderate Unreviewed
CVE-2019-15143 was published May 24, 2022
In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c. Moderate Unreviewed
CVE-2019-14372 was published May 24, 2022
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does... Moderate Unreviewed
CVE-2019-1010189 was published May 24, 2022
Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an... Moderate Unreviewed
CVE-2019-13453 was published May 24, 2022
On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests made to an undisclosed... Moderate Unreviewed
CVE-2019-6638 was published May 24, 2022
An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an... Moderate Unreviewed
CVE-2019-3560 was published May 24, 2022
A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization... Moderate Unreviewed
CVE-2022-29028 was published May 21, 2022
imagemagick 6.8.9.6 has remote DOS via infinite loop Moderate Unreviewed
CVE-2014-8561 was published May 17, 2022
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a... Moderate Unreviewed
CVE-2011-1002 was published May 17, 2022
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in... Moderate Unreviewed
CVE-2011-1142 was published May 17, 2022
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote... Moderate Unreviewed
CVE-2018-9251 was published May 13, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of... Moderate Unreviewed
CVE-2018-9058 was published May 13, 2022
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch... Moderate Unreviewed
CVE-2018-7453 was published May 13, 2022
An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause... Moderate Unreviewed
CVE-2018-7174 was published May 13, 2022
VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a... Moderate Unreviewed
CVE-2018-6977 was published May 13, 2022
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers... Moderate Unreviewed
CVE-2018-6253 was published May 13, 2022
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage... Moderate Unreviewed
CVE-2018-5685 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database