Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

351 advisories

Loading
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker... High Unreviewed
CVE-2017-3139 was published May 13, 2022
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound... Moderate Unreviewed
CVE-2017-15371 was published May 13, 2022
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting... Moderate Unreviewed
CVE-2018-17204 was published May 13, 2022
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting... High Unreviewed
CVE-2018-17205 was published May 13, 2022
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD)... High Unreviewed
CVE-2017-7539 was published May 13, 2022
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17.... Moderate Unreviewed
CVE-2018-20217 was published May 13, 2022
"deny-answer-aliases" is a little-used feature intended to help recursive server operators... High Unreviewed
CVE-2018-5740 was published May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27498 was published May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27500 was published May 13, 2022
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel... Moderate Unreviewed
CVE-2022-29977 was published May 12, 2022
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed... High Unreviewed
CVE-2022-29339 was published May 6, 2022
KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG... Moderate Unreviewed
CVE-2006-6811 was published May 1, 2022
oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1)... High Unreviewed
CVE-2006-6767 was published May 1, 2022
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via... Moderate Unreviewed
CVE-2006-5779 was published May 1, 2022
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2006-4095 was published May 1, 2022
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal Moderate Unreviewed
CVE-2012-5521 was published Apr 23, 2022
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT... High Unreviewed
CVE-2011-3596 was published Apr 22, 2022
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect... Moderate Unreviewed
CVE-2022-24272 was published Apr 22, 2022
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of... High Unreviewed
CVE-2022-20694 was published Apr 16, 2022
There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos ==... High Unreviewed
CVE-2022-27448 was published Apr 15, 2022
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component... High Unreviewed
CVE-2022-27382 was published Apr 13, 2022
Possible assertion due to improper validation of invalid NR CSI-IM resource configuration in... High Unreviewed
CVE-2021-30328 was published Apr 2, 2022
Possible assertion due to improper validation of TCI configuration in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2021-30329 was published Apr 2, 2022
Possible assertion due to improper validation of OTA configuration in Snapdragon Auto, Snapdragon... High Unreviewed
CVE-2021-30332 was published Apr 2, 2022
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a... Moderate Unreviewed
CVE-2022-27938 was published Mar 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database