GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
484 advisories
Filter by severity
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c...
Critical
Unreviewed
CVE-2017-12897
was published
May 13, 2022
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
Critical
Unreviewed
CVE-2017-12895
was published
May 13, 2022
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x...
Critical
Unreviewed
CVE-2017-12933
was published
May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c...
Critical
Unreviewed
CVE-2017-12900
was published
May 13, 2022
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
Critical
Unreviewed
CVE-2017-12901
was published
May 13, 2022
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
Critical
Unreviewed
CVE-2017-12898
was published
May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c...
Critical
Unreviewed
CVE-2017-12894
was published
May 13, 2022
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
Critical
Unreviewed
CVE-2017-12893
was published
May 13, 2022
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an...
Critical
Unreviewed
CVE-2017-12377
was published
May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
Critical
Unreviewed
CVE-2017-11542
was published
May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c,...
Critical
Unreviewed
CVE-2017-11541
was published
May 13, 2022
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers...
Critical
Unreviewed
CVE-2017-11147
was published
May 13, 2022
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other...
Critical
Unreviewed
CVE-2017-10989
was published
May 13, 2022
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop...
Critical
Unreviewed
CVE-2017-1000173
was published
May 13, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android....
Critical
Unreviewed
CVE-2017-0854
was published
May 13, 2022
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow...
Critical
Unreviewed
CVE-2016-8620
was published
May 13, 2022
A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx...
Critical
Unreviewed
CVE-2017-12369
was published
May 13, 2022
An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The...
Critical
Unreviewed
CVE-2017-9283
was published
May 13, 2022
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS...
Critical
Unreviewed
CVE-2018-0304
was published
May 13, 2022
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS...
Critical
Unreviewed
CVE-2018-0310
was published
May 13, 2022
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read...
Critical
Unreviewed
CVE-2018-10623
was published
May 13, 2022
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco,...
Critical
Unreviewed
CVE-2018-14790
was published
May 13, 2022
Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified...
Critical
Unreviewed
CVE-2018-14819
was published
May 13, 2022
LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which...
Critical
Unreviewed
CVE-2018-17895
was published
May 13, 2022
The implementations of streams for bz2 and php://output improperly implemented their readImpl...
Critical
Unreviewed
CVE-2019-3557
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API