GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
224 advisories
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows...
Moderate
Unreviewed
CVE-2018-17096 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11...
Moderate
Unreviewed
CVE-2018-4113 was published May 13, 2022
JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in...
Moderate
Unreviewed
CVE-2018-9055 was published May 13, 2022
In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an...
Moderate
Unreviewed
CVE-2018-9303 was published May 13, 2022
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause...
Moderate
Unreviewed
CVE-2016-9388 was published May 14, 2022
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion...
Moderate
Unreviewed
CVE-2019-13113 was published May 24, 2022
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Moderate
Unreviewed
CVE-2019-14382 was published May 24, 2022
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs.
Moderate
Unreviewed
CVE-2019-14383 was published May 24, 2022
A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an...
Moderate
Unreviewed
CVE-2019-13223 was published May 24, 2022
A packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit...
Moderate
Unreviewed
CVE-2019-6472 was published May 24, 2022
An invalid hostname option can trigger an assertion failure in the Kea DHCPv4 server process (kea...
Moderate
Unreviewed
CVE-2019-6473 was published May 24, 2022
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci...
Moderate
Unreviewed
CVE-2019-18844 was published May 24, 2022
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3...
Moderate
Unreviewed
CVE-2020-11653 was published May 24, 2022
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an...
Moderate
Unreviewed
CVE-2020-8617 was published May 24, 2022
An assertion failure issue was found in the Network Block Device (NBD) Server in all QEMU versions...
Moderate
Unreviewed
CVE-2020-10761 was published May 24, 2022
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to...
Moderate
Unreviewed
CVE-2020-8618 was published May 24, 2022
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This...
Moderate
Unreviewed
CVE-2020-16092 was published May 24, 2022
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1...
Moderate
Unreviewed
CVE-2020-8622 was published May 24, 2022
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with...
Moderate
Unreviewed
CVE-2020-8620 was published May 24, 2022
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21...
Moderate
Unreviewed
CVE-2020-8623 was published May 24, 2022
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME...
Moderate
Unreviewed
CVE-2020-8621 was published May 24, 2022
An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp...
Moderate
Unreviewed
CVE-2020-6097 was published May 24, 2022
Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device...
Moderate
Unreviewed
CVE-2020-1681 was published May 24, 2022
eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure...
Moderate
Unreviewed
CVE-2020-27617 was published May 24, 2022
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur...
Moderate
Unreviewed
CVE-2020-25723 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.