Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,246
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

417 advisories

Loading
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP... Moderate Unreviewed
CVE-2019-0003 was published May 13, 2022
A query with a specific set of characteristics could cause a server using DNS64 to encounter an... Moderate Unreviewed
CVE-2017-3136 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This... High Unreviewed
CVE-2019-10894 was published May 13, 2022
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is... Moderate Unreviewed
CVE-2015-8745 was published May 13, 2022
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an... High Unreviewed
CVE-2018-15822 was published May 13, 2022
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2... High Unreviewed
CVE-2017-13751 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in... High Unreviewed
CVE-2017-13745 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer... High Unreviewed
CVE-2017-13752 was published May 13, 2022
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer... High Unreviewed
CVE-2017-13747 was published May 13, 2022
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in... High Unreviewed
CVE-2017-13749 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296... High Unreviewed
CVE-2017-13750 was published May 13, 2022
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297... High Unreviewed
CVE-2017-13746 was published May 13, 2022
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a... High Unreviewed
CVE-2016-9397 was published May 13, 2022
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to... High Unreviewed
CVE-2016-9398 was published May 13, 2022
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a... High Unreviewed
CVE-2016-9399 was published May 13, 2022
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function... Moderate Unreviewed
CVE-2019-6461 was published May 13, 2022
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker... High Unreviewed
CVE-2017-3139 was published May 13, 2022
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound... Moderate Unreviewed
CVE-2017-15371 was published May 13, 2022
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting... High Unreviewed
CVE-2018-17205 was published May 13, 2022
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting... Moderate Unreviewed
CVE-2018-17204 was published May 13, 2022
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD)... High Unreviewed
CVE-2017-7539 was published May 13, 2022
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17.... Moderate Unreviewed
CVE-2018-20217 was published May 13, 2022
"deny-answer-aliases" is a little-used feature intended to help recursive server operators... High Unreviewed
CVE-2018-5740 was published May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27500 was published May 13, 2022
A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and... High Unreviewed
CVE-2021-27498 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API