GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
495 advisories
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c...
Critical | Unreviewed | CVE-2017-12987 was published May 13, 2022
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several...
Critical | Unreviewed | CVE-2017-12902 was published May 13, 2022
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c...
Critical | Unreviewed | CVE-2017-12896 was published May 13, 2022
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
Critical | Unreviewed | CVE-2017-12899 was published May 13, 2022
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
Critical | Unreviewed | CVE-2017-13028 was published May 13, 2022
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c...
Critical | Unreviewed | CVE-2017-13725 was published May 13, 2022
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
Critical | Unreviewed | CVE-2017-13687 was published May 13, 2022
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c...
Critical | Unreviewed | CVE-2017-13024 was published May 13, 2022
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
Critical | Unreviewed | CVE-2017-13020 was published May 13, 2022
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c...
Critical | Unreviewed | CVE-2017-13004 was published May 13, 2022
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an...
Critical | Unreviewed | CVE-2018-14938 was published May 13, 2022
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a...
Critical | Unreviewed | CVE-2017-16840 was published May 13, 2022
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib...
Critical | Unreviewed | CVE-2017-14122 was published May 13, 2022
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to...
Critical | Unreviewed | CVE-2016-6520 was published May 13, 2022
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper...
Critical | Unreviewed | CVE-2019-8265 was published May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder,...
Critical | Unreviewed | CVE-2019-8280 was published May 13, 2022
UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder...
Critical | Unreviewed | CVE-2019-8264 was published May 13, 2022
UltraVNC revision 1199 has an out-of-bounds read vulnerability in VNC code inside client CoRRE...
Critical | Unreviewed | CVE-2019-8261 was published May 13, 2022
UltraVNC revision 1199 has an out-of-bounds read vulnerability in VNC client RRE decoder code,...
Critical | Unreviewed | CVE-2019-8260 was published May 13, 2022
An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an...
Critical | Unreviewed | CVE-2019-9025 was published May 13, 2022
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is...
Critical | Unreviewed | CVE-2017-2620 was published May 13, 2022
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an...
Critical | Unreviewed | CVE-2017-2615 was published May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability...
Critical | Unreviewed | CVE-2017-11213 was published May 13, 2022
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015...
Critical | Unreviewed | CVE-2017-11306 was published May 13, 2022
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability...
Critical | Unreviewed | CVE-2017-3112 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.