GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
563 advisories
Filter by severity
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS...
Moderate
Unreviewed
CVE-2016-7909
was published
May 13, 2022
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is...
Moderate
Unreviewed
CVE-2016-9776
was published
May 13, 2022
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0...
Moderate
Unreviewed
CVE-2017-6505
was published
May 13, 2022
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite...
Moderate
Unreviewed
CVE-2016-1981
was published
May 13, 2022
QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest...
Moderate
Unreviewed
CVE-2017-9310
was published
May 13, 2022
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18...
High
Unreviewed
CVE-2018-5813
was published
May 13, 2022
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload...
Moderate
Unreviewed
CVE-2017-14058
was published
May 13, 2022
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows...
Moderate
Unreviewed
CVE-2018-19840
was published
May 13, 2022
Loop with Unreachable Exit Condition in Netty
High
CVE-2016-4970
was published
for
io.netty:netty-handler
(Maven)
May 13, 2022
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function...
Moderate
Unreviewed
CVE-2019-6462
was published
May 13, 2022
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and...
Moderate
Unreviewed
CVE-2018-20467
was published
May 13, 2022
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote...
High
Unreviewed
CVE-2017-16944
was published
May 13, 2022
In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows...
Critical
Unreviewed
CVE-2018-20784
was published
May 13, 2022
Loop with Unreachable Exit Condition in Apache CXF
Moderate
CVE-2014-3584
was published
for
org.apache.cxf:cxf-rt-frontend-jaxrs
(Maven)
May 13, 2022
There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to...
High
Unreviewed
CVE-2017-13728
was published
May 13, 2022
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the...
Moderate
Unreviewed
CVE-2018-5650
was published
May 13, 2022
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest...
Moderate
Unreviewed
CVE-2017-5973
was published
May 13, 2022
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local...
Moderate
Unreviewed
CVE-2016-8909
was published
May 13, 2022
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local...
Moderate
Unreviewed
CVE-2016-8910
was published
May 13, 2022
An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class...
High
Unreviewed
CVE-2018-18070
was published
May 13, 2022
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which...
Moderate
Unreviewed
CVE-2018-20482
was published
May 13, 2022
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c...
Moderate
Unreviewed
CVE-2018-10289
was published
May 13, 2022
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local...
Moderate
Unreviewed
CVE-2015-8785
was published
May 13, 2022
The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0...
High
Unreviewed
CVE-2013-2789
was published
May 13, 2022
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC...
High
Unreviewed
CVE-2017-15908
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API