GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,324
Erlang: 31
GitHub Actions: 21
Go: 2,087
Maven: 5,000+
npm: 3,751
NuGet: 674
pip: 3,437
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
403 advisories
In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the...
Moderate | Unreviewed | CVE-2018-6869 was published May 13, 2022

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly...
Moderate | Unreviewed | CVE-2018-7443 was published May 13, 2022

wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an...
Moderate | Unreviewed | CVE-2019-7704 was published May 13, 2022

An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has...
Moderate | Unreviewed | CVE-2019-6966 was published May 13, 2022

An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in...
Moderate | Unreviewed | CVE-2019-7698 was published May 13, 2022

An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2019-6988 was published May 13, 2022

An attempted excessive memory allocation was discovered in the function read_long_names in...
Moderate | Unreviewed | CVE-2019-7148 was published May 13, 2022

The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the...
Moderate | Unreviewed | CVE-2021-31787 was published Dec 1, 2021

An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp...
Moderate | Unreviewed | CVE-2019-10723 was published May 13, 2022

Regular Expression Denial of Service (ReDOS)
Moderate | CVE-2021-29060 was published for color-string (npm) Jun 22, 2021

Denial of service in direct_mail
Moderate | CVE-2020-12697 was published for directmailteam/direct-mail (Composer) May 24, 2021

Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services...
Moderate | Unreviewed | CVE-2019-0038 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate | Unreviewed | CVE-2019-9076 was published May 13, 2022

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service ...
Moderate | Unreviewed | CVE-2019-9705 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate | Unreviewed | CVE-2019-9072 was published May 13, 2022

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform...
Moderate | Unreviewed | CVE-2019-0005 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed...
Moderate | Unreviewed | CVE-2019-9073 was published May 13, 2022

Potential DOS attack due to unrestricted attachment count in messages
Moderate | CVE-2019-12406 was published for org.apache.cxf:apache-cxf (Maven) Nov 8, 2019

The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which...
Moderate | Unreviewed | CVE-2017-14107 was published May 13, 2022

It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial...
Moderate | Unreviewed | CVE-2018-16846 was published May 13, 2022

An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions...
Moderate | Unreviewed | CVE-2022-1428 was published May 12, 2022

Allocation of Resources Without Limits or Throttling in Apache Tika
Moderate | CVE-2019-10093 was published for org.apache.tika:tika-parsers (Maven) Aug 6, 2019

relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in...
Moderate | Unreviewed | CVE-2022-29973 was published May 3, 2022

A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All...
Moderate | Unreviewed | CVE-2022-41288 was published Dec 13, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor...
Moderate | Unreviewed | CVE-2022-35089 was published Sep 22, 2022
ProTip! Advisories are also available from the GraphQL API