Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

499 advisories

Loading
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without... High Unreviewed
CVE-2018-10908 was published May 13, 2022
A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND)... High Unreviewed
CVE-2017-6780 was published May 13, 2022
A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager... High Unreviewed
CVE-2017-6641 was published May 13, 2022
A vulnerability in the TCP throttling process of Cisco Prime Network could allow an... High Unreviewed
CVE-2018-0137 was published May 13, 2022
An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator... High Unreviewed
CVE-2017-0612 was published May 13, 2022
A denial of service vulnerability in the Android media framework (libskia). Product: Android.... High Unreviewed
CVE-2017-0771 was published May 13, 2022
IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash... High Unreviewed
CVE-2017-1227 was published May 13, 2022
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1... High Unreviewed
CVE-2017-11525 was published May 13, 2022
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage... High Unreviewed
CVE-2017-12432 was published May 13, 2022
A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory... High Unreviewed
CVE-2017-13190 was published May 13, 2022
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29... High Unreviewed
CVE-2017-13716 was published May 13, 2022
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation... High Unreviewed
CVE-2017-12944 was published May 13, 2022
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c. High Unreviewed
CVE-2017-14531 was published May 13, 2022
A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory... High Unreviewed
CVE-2017-13189 was published May 13, 2022
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function... High Unreviewed
CVE-2017-18028 was published May 13, 2022
Vulnerability in the Oracle iReceivables component of Oracle E-Business Suite (subcomponent: Self... High Unreviewed
CVE-2017-3555 was published May 13, 2022
libplist allows attackers to cause a denial of service (large memory allocation and crash) via... High Unreviewed
CVE-2017-5835 was published May 13, 2022
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of... High Unreviewed
CVE-2017-3883 was published May 13, 2022
A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used... High Unreviewed
CVE-2017-5388 was published May 13, 2022
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a... High Unreviewed
CVE-2017-5850 was published May 13, 2022
A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine ... High Unreviewed
CVE-2017-6653 was published May 13, 2022
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial... High Unreviewed
CVE-2017-7696 was published May 13, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can... High Unreviewed
CVE-2017-8253 was published May 13, 2022
** DISPUTED ** The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1... High Unreviewed
CVE-2017-7963 was published May 13, 2022
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through... High Unreviewed
CVE-2017-8779 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database