GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,291 advisories
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6...
High | Unreviewed | CVE-2011-0663 was published May 13, 2022

In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might...
Moderate | Unreviewed | CVE-2017-14173 was published May 13, 2022

Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw...
Moderate | Unreviewed | CVE-2016-9104 was published May 13, 2022

An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in...
Critical | Unreviewed | CVE-2018-7225 was published May 13, 2022

Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value...
High | Unreviewed | CVE-2018-20406 was published May 13, 2022

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick...
Moderate | Unreviewed | CVE-2017-5898 was published May 13, 2022

Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS...
High | Unreviewed | CVE-2017-5931 was published May 13, 2022

Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick...
High | Unreviewed | CVE-2017-14167 was published May 13, 2022

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest...
High | Unreviewed | CVE-2018-12617 was published May 13, 2022

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could...
High | Unreviewed | CVE-2018-16881 was published May 13, 2022

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows...
Critical | Unreviewed | CVE-2017-14062 was published May 13, 2022

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows...
High | Unreviewed | CVE-2010-3865 was published May 13, 2022

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to...
Moderate | Unreviewed | CVE-2018-19665 was published May 13, 2022

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function...
Moderate | Unreviewed | CVE-2018-5727 was published May 13, 2022

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the...
Moderate | Unreviewed | CVE-2018-5785 was published May 13, 2022

The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an...
Moderate | Unreviewed | CVE-2017-15873 was published May 13, 2022

Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to...
High | Unreviewed | CVE-2016-2147 was published May 13, 2022

Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown...
Low | Unreviewed | CVE-2016-9085 was published May 13, 2022

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry-...
High | Unreviewed | CVE-2018-5709 was published May 13, 2022

Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0...
Moderate | Unreviewed | CVE-2010-2500 was published May 13, 2022

Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause...
High | Unreviewed | CVE-2016-6823 was published May 13, 2022

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of...
High | Unreviewed | CVE-2016-6328 was published May 13, 2022

Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21...
High | Unreviewed | CVE-2015-8982 was published May 13, 2022

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
Critical | Unreviewed | CVE-2018-1084 was published May 13, 2022

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys...
High | Unreviewed | CVE-2017-7482 was published May 13, 2022