Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

221 advisories

Loading
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure... High Unreviewed
CVE-2017-0375 was published May 13, 2022
Mistaken assumptions about the ordering of records in the answer section of a response containing... High Unreviewed
CVE-2017-3137 was published May 13, 2022
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode... High Unreviewed
CVE-2018-5734 was published May 13, 2022
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an... High Unreviewed
CVE-2018-5737 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7712 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7714 was published May 13, 2022
** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in... High Unreviewed
CVE-2018-7713 was published May 13, 2022
An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in... High Unreviewed
CVE-2019-7662 was published May 13, 2022
The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote... High Unreviewed
CVE-2017-11692 was published May 13, 2022
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1... High Unreviewed
CVE-2016-8864 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This... High Unreviewed
CVE-2019-10894 was published May 13, 2022
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2... High Unreviewed
CVE-2017-13751 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in... High Unreviewed
CVE-2017-13745 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer... High Unreviewed
CVE-2017-13752 was published May 13, 2022
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer... High Unreviewed
CVE-2017-13747 was published May 13, 2022
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in... High Unreviewed
CVE-2017-13749 was published May 13, 2022
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a... High Unreviewed
CVE-2016-9397 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296... High Unreviewed
CVE-2017-13750 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297... High Unreviewed
CVE-2017-13746 was published May 13, 2022
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to... High Unreviewed
CVE-2016-9398 was published May 13, 2022
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a... High Unreviewed
CVE-2016-9399 was published May 13, 2022
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker... High Unreviewed
CVE-2017-3139 was published May 13, 2022
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting... High Unreviewed
CVE-2018-17205 was published May 13, 2022
"deny-answer-aliases" is a little-used feature intended to help recursive server operators... High Unreviewed
CVE-2018-5740 was published May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27498 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database