GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,201 advisories

CVE-2018-7519 (Moderate, Unreviewed), published May 13, 2022
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap...

CVE-2018-7513 (Moderate, Unreviewed), published May 13, 2022
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack...

CVE-2016-7538 (Moderate, Unreviewed), published May 13, 2022
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds...

CVE-2019-1788 (Moderate, Unreviewed), published May 13, 2022
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam...

CVE-2016-5106 (Moderate, Unreviewed), published May 13, 2022
The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID...

CVE-2016-5238 (Moderate, Unreviewed), published May 13, 2022
The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause...

CVE-2016-4952 (Moderate, Unreviewed), published May 13, 2022
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support,...

CVE-2017-15289 (Moderate, Unreviewed), published May 13, 2022
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged...

CVE-2017-10806 (Moderate, Unreviewed), published May 13, 2022
Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest...

CVE-2016-7526 (Moderate, Unreviewed), published May 13, 2022
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds...

CVE-2018-5800 (Moderate, Unreviewed), published May 13, 2022
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common...

CVE-2018-1071 (Moderate, Unreviewed), published May 13, 2022
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd()...

CVE-2018-18064 (Moderate, Unreviewed), published May 13, 2022
cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted...

CVE-2010-2520 (Moderate, Unreviewed), published May 13, 2022
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4...

CVE-2010-2519 (Moderate, Unreviewed), published May 13, 2022
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType...

CVE-2017-5976 (Moderate, Unreviewed), published May 13, 2022
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0...

CVE-2010-2498 (Moderate, Unreviewed), published May 13, 2022
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not...

CVE-2017-5975 (Moderate, Unreviewed), published May 13, 2022
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0...

CVE-2017-12876 (Moderate, Unreviewed), published May 13, 2022
Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to...

CVE-2019-0161 (Moderate, Unreviewed), published May 13, 2022
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial...

CVE-2018-18584 (Moderate, Unreviewed), published May 13, 2022
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input...

CVE-2017-5957 (Moderate, Unreviewed), published May 13, 2022
Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c...

CVE-2018-16435 (Moderate, Unreviewed), published May 13, 2022
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the...

CVE-2019-8263 (Moderate, Unreviewed), published May 13, 2022
UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside...

CVE-2016-4429 (Moderate, Unreviewed), published May 13, 2022
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C...