GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
445 advisories
A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in...
Moderate | Unreviewed | CVE-2018-16424 was published May 13, 2022

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to...
Moderate | Unreviewed | CVE-2017-7521 was published May 13, 2022

The server in Dropbear before 2017.75 might allow post-authentication root remote code execution...
High | Unreviewed | CVE-2017-9078 was published May 13, 2022

The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory...
Critical | Unreviewed | CVE-2016-8619 was published May 13, 2022

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations...
High | Unreviewed | CVE-2017-10950 was published May 13, 2022

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive...
Critical | Unreviewed | CVE-2018-0101 was published May 13, 2022

A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent...
High | Unreviewed | CVE-2018-0102 was published May 13, 2022

A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software...
Moderate | Unreviewed | CVE-2018-0160 was published May 13, 2022

A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated...
High | Unreviewed | CVE-2018-0469 was published May 13, 2022

It was found that the raw midi kernel driver does not protect against concurrent access which...
High | Unreviewed | CVE-2018-10902 was published May 13, 2022

A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in...
High | Unreviewed | CVE-2018-14638 was published May 13, 2022

Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial...
Moderate | Unreviewed | CVE-2018-16841 was published May 13, 2022

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing...
Critical | Unreviewed | CVE-2018-5379 was published May 13, 2022

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a...
Moderate | Unreviewed | CVE-2018-7523 was published May 13, 2022

Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by...
High | Unreviewed | CVE-2018-8835 was published May 13, 2022

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0...
High | Unreviewed | CVE-2018-1000877 was published May 13, 2022

In MasteringMetadata::Parse of mkvparser.cc there is a possible double free due to an insecure...
High | Unreviewed | CVE-2018-9553 was published May 13, 2022

A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling...
Critical | Unreviewed | CVE-2018-14054 was published May 13, 2022

Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi...
High | Unreviewed | CVE-2014-4343 was published May 13, 2022

Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified...
Critical | Unreviewed | CVE-2017-11462 was published May 13, 2022

PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2018-11243 was published May 13, 2022

The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause...
Moderate | Unreviewed | CVE-2018-20450 was published May 13, 2022

Libgd version 2.2.5 contains a Double Free Vulnerability in gdImageBmpPtr Function...
High | Unreviewed | CVE-2018-1000222 was published May 13, 2022

A double-free vulnerability in str2host.c in ldns 1.7.0 has unspecified impact and attack vectors.
Critical | Unreviewed | CVE-2017-1000232 was published May 13, 2022

Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows...
High | Unreviewed | CVE-2011-3892 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.