GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

197 advisories

Filter by severity

Sort by

Least recently updated

The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery... High Unreviewed

CVE-2016-3627 was published May 14, 2022

libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name... High Unreviewed

CVE-2018-9918 was published May 13, 2022

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.... Moderate Unreviewed

CVE-2018-9996 was published May 13, 2022

pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream... Moderate Unreviewed

CVE-2018-6544 was published May 13, 2022

In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image... Moderate Unreviewed

CVE-2018-5772 was published May 13, 2022

jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary... Moderate Unreviewed

CVE-2018-5759 was published May 13, 2022

Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc... Moderate Unreviewed

CVE-2018-16426 was published May 13, 2022

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a... Moderate Unreviewed

CVE-2018-11597 was published May 13, 2022

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree:... Moderate Unreviewed

CVE-2018-11254 was published May 13, 2022

In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the... High Unreviewed

CVE-2017-9729 was published May 13, 2022

In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause... High Unreviewed

CVE-2017-9766 was published May 13, 2022

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion)... Moderate Unreviewed

CVE-2017-9617 was published May 13, 2022

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in... Moderate Unreviewed

CVE-2017-9616 was published May 13, 2022

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of... High Unreviewed

CVE-2017-9304 was published May 13, 2022

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in... High Unreviewed

CVE-2017-5839 was published May 13, 2022

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017... Moderate Unreviewed

CVE-2017-16419 was published May 13, 2022

There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval:... High Unreviewed

CVE-2017-12964 was published May 13, 2022

There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc)... High Unreviewed

CVE-2017-11554 was published May 13, 2022

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser... High Unreviewed

CVE-2017-11556 was published May 13, 2022

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4... Moderate Unreviewed

CVE-2017-0692 was published May 13, 2022

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not... High Unreviewed

CVE-2016-9597 was published May 13, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an... Moderate Unreviewed

CVE-2017-0886 was published May 13, 2022

poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting... Moderate Unreviewed

CVE-2017-7515 was published May 13, 2022

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix... High Unreviewed

CVE-2018-20796 was published May 13, 2022

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and... Moderate Unreviewed

CVE-2018-9138 was published May 13, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

197 advisories