GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
395 advisories
Docker Registry has Allocation of Resources Without Limits or Throttling
High · CVE-2017-11468 was published for github.com/docker/distribution (Go) · May 13, 2022

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email...
High · Unreviewed · CVE-2018-15460 was published May 13, 2022

The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause...
High · Unreviewed · CVE-2017-12691 was published May 13, 2022

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage...
High · Unreviewed · CVE-2017-12430 was published May 13, 2022

The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to...
High · Unreviewed · CVE-2017-12692 was published May 13, 2022

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage...
High · Unreviewed · CVE-2017-12435 was published May 13, 2022

In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage...
High · Unreviewed · CVE-2017-12563 was published May 13, 2022

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage...
High · Unreviewed · CVE-2017-12429 was published May 13, 2022

In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which...
High · Unreviewed · CVE-2017-13133 was published May 13, 2022

The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause...
High · Unreviewed · CVE-2017-12693 was published May 13, 2022

The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a...
High · Unreviewed · CVE-2017-12875 was published May 13, 2022

A vulnerability in the egress packet processing functionality of the Cisco StarOS operating...
High · Unreviewed · CVE-2018-0239 was published May 13, 2022

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and...
High · Unreviewed · CVE-2018-15399 was published May 13, 2022

A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security...
High · Unreviewed · CVE-2018-15383 was published May 13, 2022

A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server ...
High · Unreviewed · CVE-2018-0358 was published May 13, 2022

IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated attacker to cause a denial...
High · Unreviewed · CVE-2018-1779 was published May 13, 2022

An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a...
High · Unreviewed · CVE-2019-0010 was published May 13, 2022

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which...
High · Unreviewed · CVE-2019-6486 was published May 13, 2022

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have...
High · Unreviewed · CVE-2019-7582 was published May 13, 2022

The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote...
High · Unreviewed · CVE-2019-7581 was published May 13, 2022

In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2...
High · Unreviewed · CVE-2019-8955 was published May 13, 2022

remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows...
High · Unreviewed · CVE-2018-12934 was published May 13, 2022

IBM QRadar Incident Forensics 7.2 and 7.3 does not properly restrict the size or amount of...
High · Unreviewed · CVE-2018-1647 was published May 13, 2022

A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC),...
High · Unreviewed · CVE-2018-15458 was published May 13, 2022

It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without...
High · Unreviewed · CVE-2018-10908 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.