GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,134
Erlang: 29
GitHub Actions: 19
Go: 1,941
Maven: 5,000+
npm: 3,681
NuGet: 650
pip: 3,298
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
434 advisories
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop,...
High
Unreviewed
CVE-2017-6467 was published May 13, 2022
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9....
Moderate
Unreviewed
CVE-2017-6299 was published May 13, 2022
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote...
High
Unreviewed
CVE-2017-6214 was published May 13, 2022
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an...
High
Unreviewed
CVE-2017-6014 was published May 13, 2022
It was discovered that a programming error in the processing of HTTPS requests in the Apache...
High
Unreviewed
CVE-2017-6056 was published May 13, 2022
The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4...
Moderate
Unreviewed
CVE-2017-5852 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10...
Moderate
Unreviewed
CVE-2017-2417 was published May 13, 2022
The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel...
Moderate
Unreviewed
CVE-2017-18261 was published May 13, 2022
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in...
Moderate
Unreviewed
CVE-2017-18238 was published May 13, 2022
When dynamic memory allocation fails, currently the process sleeps for one second and continues...
Moderate
Unreviewed
CVE-2017-18277 was published May 13, 2022
An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in...
Moderate
Unreviewed
CVE-2017-18236 was published May 13, 2022
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local...
Moderate
Unreviewed
CVE-2017-18208 was published May 13, 2022
An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter:...
Moderate
Unreviewed
CVE-2017-18183 was published May 13, 2022
An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref...
Moderate
Unreviewed
CVE-2017-18186 was published May 13, 2022
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50...
Moderate
Unreviewed
CVE-2017-17131 was published May 13, 2022
Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10;...
Moderate
Unreviewed
CVE-2017-17150 was published May 13, 2022
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the...
Moderate
Unreviewed
CVE-2017-15835 was published May 13, 2022
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the...
High
Unreviewed
CVE-2017-15602 was published May 13, 2022
Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote...
Moderate
Unreviewed
CVE-2017-15223 was published May 13, 2022
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd),...
Moderate
Unreviewed
CVE-2017-15024 was published May 13, 2022
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as...
Moderate
Unreviewed
CVE-2017-14933 was published May 13, 2022
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as...
Moderate
Unreviewed
CVE-2017-14932 was published May 13, 2022
In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a...
High
Unreviewed
CVE-2017-14929 was published May 13, 2022
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after...
High
Unreviewed
CVE-2017-14519 was published May 13, 2022
The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer...
High
Unreviewed
CVE-2017-14339 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API