Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

271 advisories

Loading
In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after... High Unreviewed
CVE-2017-14519 was published May 13, 2022
The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer... High Unreviewed
CVE-2017-14339 was published May 13, 2022
There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It... High Unreviewed
CVE-2017-14229 was published May 13, 2022
In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported... High Unreviewed
CVE-2017-13193 was published May 13, 2022
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete... High Unreviewed
CVE-2017-13191 was published May 13, 2022
In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be... High Unreviewed
CVE-2017-13195 was published May 13, 2022
In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero... High Unreviewed
CVE-2017-13192 was published May 13, 2022
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain... High Unreviewed
CVE-2017-12995 was published May 13, 2022
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c... High Unreviewed
CVE-2017-12997 was published May 13, 2022
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c... High Unreviewed
CVE-2017-12989 was published May 13, 2022
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print... High Unreviewed
CVE-2017-12990 was published May 13, 2022
Numpy missing input validation High
CVE-2017-12852 was published for numpy (pip) May 13, 2022
jhutchings1
ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified... High Unreviewed
CVE-2017-12412 was published May 13, 2022
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1... High Unreviewed
CVE-2017-11523 was published May 13, 2022
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop... High Unreviewed
CVE-2017-11446 was published May 13, 2022
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0... High Unreviewed
CVE-2017-11478 was published May 13, 2022
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite... High Unreviewed
CVE-2017-11406 was published May 13, 2022
The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote... High Unreviewed
CVE-2017-11118 was published May 13, 2022
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()... High Unreviewed
CVE-2017-10986 was published May 13, 2022
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion... High Unreviewed
CVE-2017-10985 was published May 13, 2022
An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to... High Unreviewed
CVE-2018-14621 was published May 13, 2022
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions... High Unreviewed
CVE-2018-1041 was published May 13, 2022
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in... High Unreviewed
CVE-2018-5381 was published May 13, 2022
** DISPUTED ** The deserialize function in serialize-to-js through 1.1.1 allows attackers to... High Unreviewed
CVE-2017-15871 was published May 13, 2022
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop. High Unreviewed
CVE-2018-11365 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database