GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
252 advisories
The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service ...
Moderate · Unreviewed · CVE-2017-17381 was published May 13, 2022
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus...
Moderate · Unreviewed · CVE-2016-9922 was published May 13, 2022
The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote...
Moderate · Unreviewed · CVE-2016-10053 was published May 13, 2022
The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service ...
Moderate · Unreviewed · CVE-2014-9756 was published May 13, 2022
libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service ...
Moderate · Unreviewed · CVE-2018-14395 was published May 13, 2022
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows...
Moderate · Unreviewed · CVE-2016-8669 was published May 13, 2022
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a...
Moderate · Unreviewed · CVE-2016-9921 was published May 13, 2022
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174...
Moderate · Unreviewed · CVE-2018-18521 was published May 13, 2022
arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during...
Moderate · Unreviewed · CVE-2015-7513 was published May 13, 2022
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which...
High · Unreviewed · CVE-2015-6855 was published May 13, 2022
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows...
Moderate · Unreviewed · CVE-2018-11212 was published May 13, 2022
The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote...
High · Unreviewed · CVE-2012-0207 was published May 4, 2022
agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote...
Moderate · Unreviewed · CVE-2009-1887 was published May 2, 2022
The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack...
Moderate · Unreviewed · CVE-2007-3268 was published May 1, 2022
Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service ...
High · Unreviewed · CVE-2007-2723 was published May 1, 2022
Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows context-dependent...
High · Unreviewed · CVE-2007-2237 was published May 1, 2022
Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash...
High · Unreviewed · CVE-2006-5939 was published May 1, 2022
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service ...
Moderate · Unreviewed · CVE-2004-0804 was published Apr 29, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack...
High · Unreviewed · CVE-2021-44500 was published Apr 16, 2022
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z ...
Moderate · Unreviewed · CVE-2021-3941 was published Mar 26, 2022
Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first...
Moderate · Unreviewed · CVE-2021-42389 was published Mar 16, 2022
Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The...
Moderate · Unreviewed · CVE-2021-42391 was published Mar 16, 2022
Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. The...
Moderate · Unreviewed · CVE-2021-42390 was published Mar 16, 2022
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service...
Moderate · Unreviewed · CVE-2022-0909 was published Mar 12, 2022
libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user...
Moderate · Unreviewed · CVE-2022-0856 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API.