Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

481 advisories

Loading
The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print(). Critical Unreviewed
CVE-2017-12992 was published May 13, 2022
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). Critical Unreviewed
CVE-2017-12994 was published May 13, 2022
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). Critical Unreviewed
CVE-2017-12996 was published May 13, 2022
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse(). Critical Unreviewed
CVE-2017-12988 was published May 13, 2022
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c... Critical Unreviewed
CVE-2017-12986 was published May 13, 2022
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). Critical Unreviewed
CVE-2017-12985 was published May 13, 2022
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). Critical Unreviewed
CVE-2017-12901 was published May 13, 2022
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x... Critical Unreviewed
CVE-2017-12933 was published May 13, 2022
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). Critical Unreviewed
CVE-2017-12895 was published May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c... Critical Unreviewed
CVE-2017-12894 was published May 13, 2022
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c... Critical Unreviewed
CVE-2017-12897 was published May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c... Critical Unreviewed
CVE-2017-12900 was published May 13, 2022
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). Critical Unreviewed
CVE-2017-12898 was published May 13, 2022
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). Critical Unreviewed
CVE-2017-12893 was published May 13, 2022
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an... Critical Unreviewed
CVE-2017-12377 was published May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c,... Critical Unreviewed
CVE-2017-11541 was published May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. Critical Unreviewed
CVE-2017-11542 was published May 13, 2022
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers... Critical Unreviewed
CVE-2017-11147 was published May 13, 2022
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other... Critical Unreviewed
CVE-2017-10989 was published May 13, 2022
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop... Critical Unreviewed
CVE-2017-1000173 was published May 13, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-0854 was published May 13, 2022
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow... Critical Unreviewed
CVE-2016-8620 was published May 13, 2022
A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx... Critical Unreviewed
CVE-2017-12369 was published May 13, 2022
An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The... Critical Unreviewed
CVE-2017-9283 was published May 13, 2022
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS... Critical Unreviewed
CVE-2018-0310 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database