GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
481 advisories
Filter by severity
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS...
Critical
Unreviewed
CVE-2018-0304
was published
May 13, 2022
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read...
Critical
Unreviewed
CVE-2018-10623
was published
May 13, 2022
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco,...
Critical
Unreviewed
CVE-2018-14790
was published
May 13, 2022
Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified...
Critical
Unreviewed
CVE-2018-14819
was published
May 13, 2022
LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which...
Critical
Unreviewed
CVE-2018-17895
was published
May 13, 2022
The implementations of streams for bz2 and php://output improperly implemented their readImpl...
Critical
Unreviewed
CVE-2019-3557
was published
May 13, 2022
Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device...
Critical
Unreviewed
CVE-2019-6522
was published
May 13, 2022
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers...
Critical
Unreviewed
CVE-2017-5209
was published
May 13, 2022
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to...
Critical
Unreviewed
CVE-2017-5545
was published
May 13, 2022
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a...
Critical
Unreviewed
CVE-2017-16548
was published
May 13, 2022
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in...
Critical
Unreviewed
CVE-2017-7544
was published
May 13, 2022
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper...
Critical
Unreviewed
CVE-2019-8266
was published
May 13, 2022
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a...
Critical
Unreviewed
CVE-2015-8608
was published
May 13, 2022
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers...
Critical
Unreviewed
CVE-2018-18313
was published
May 13, 2022
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc...
Critical
Unreviewed
CVE-2019-9631
was published
May 13, 2022
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x...
Critical
Unreviewed
CVE-2014-1508
was published
May 13, 2022
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the...
Critical
Unreviewed
CVE-2019-11006
was published
May 13, 2022
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of...
Critical
Unreviewed
CVE-2016-7951
was published
May 13, 2022
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a...
Critical
Unreviewed
CVE-2017-8872
was published
May 13, 2022
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png...
Critical
Unreviewed
CVE-2017-13139
was published
May 13, 2022
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c...
Critical
Unreviewed
CVE-2017-12987
was published
May 13, 2022
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several...
Critical
Unreviewed
CVE-2017-12902
was published
May 13, 2022
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c...
Critical
Unreviewed
CVE-2017-12896
was published
May 13, 2022
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
Critical
Unreviewed
CVE-2017-12899
was published
May 13, 2022
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c...
Critical
Unreviewed
CVE-2017-13725
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API