Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

484 advisories

Loading
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c... Critical Unreviewed
CVE-2017-12897 was published May 13, 2022
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). Critical Unreviewed
CVE-2017-12895 was published May 13, 2022
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x... Critical Unreviewed
CVE-2017-12933 was published May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c... Critical Unreviewed
CVE-2017-12900 was published May 13, 2022
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). Critical Unreviewed
CVE-2017-12901 was published May 13, 2022
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). Critical Unreviewed
CVE-2017-12898 was published May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c... Critical Unreviewed
CVE-2017-12894 was published May 13, 2022
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). Critical Unreviewed
CVE-2017-12893 was published May 13, 2022
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an... Critical Unreviewed
CVE-2017-12377 was published May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. Critical Unreviewed
CVE-2017-11542 was published May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c,... Critical Unreviewed
CVE-2017-11541 was published May 13, 2022
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers... Critical Unreviewed
CVE-2017-11147 was published May 13, 2022
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other... Critical Unreviewed
CVE-2017-10989 was published May 13, 2022
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop... Critical Unreviewed
CVE-2017-1000173 was published May 13, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-0854 was published May 13, 2022
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow... Critical Unreviewed
CVE-2016-8620 was published May 13, 2022
A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx... Critical Unreviewed
CVE-2017-12369 was published May 13, 2022
An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The... Critical Unreviewed
CVE-2017-9283 was published May 13, 2022
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS... Critical Unreviewed
CVE-2018-0304 was published May 13, 2022
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS... Critical Unreviewed
CVE-2018-0310 was published May 13, 2022
Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read... Critical Unreviewed
CVE-2018-10623 was published May 13, 2022
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco,... Critical Unreviewed
CVE-2018-14790 was published May 13, 2022
Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified... Critical Unreviewed
CVE-2018-14819 was published May 13, 2022
LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which... Critical Unreviewed
CVE-2018-17895 was published May 13, 2022
The implementations of streams for bz2 and php://output improperly implemented their readImpl... Critical Unreviewed
CVE-2019-3557 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database