Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

212 advisories

Loading
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an... Moderate Unreviewed
CVE-2017-0886 was published May 13, 2022
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not... High Unreviewed
CVE-2016-9597 was published May 13, 2022
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4... Moderate Unreviewed
CVE-2017-0692 was published May 13, 2022
There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser... High Unreviewed
CVE-2017-11556 was published May 13, 2022
There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc)... High Unreviewed
CVE-2017-11554 was published May 13, 2022
There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval:... High Unreviewed
CVE-2017-12964 was published May 13, 2022
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017... Moderate Unreviewed
CVE-2017-16419 was published May 13, 2022
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in... High Unreviewed
CVE-2017-5839 was published May 13, 2022
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of... High Unreviewed
CVE-2017-9304 was published May 13, 2022
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in... Moderate Unreviewed
CVE-2017-9616 was published May 13, 2022
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion)... Moderate Unreviewed
CVE-2017-9617 was published May 13, 2022
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause... High Unreviewed
CVE-2017-9766 was published May 13, 2022
In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) in the... High Unreviewed
CVE-2017-9729 was published May 13, 2022
An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree:... Moderate Unreviewed
CVE-2018-11254 was published May 13, 2022
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a... Moderate Unreviewed
CVE-2018-11597 was published May 13, 2022
Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc... Moderate Unreviewed
CVE-2018-16426 was published May 13, 2022
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary... Moderate Unreviewed
CVE-2018-5759 was published May 13, 2022
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image... Moderate Unreviewed
CVE-2018-5772 was published May 13, 2022
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream... Moderate Unreviewed
CVE-2018-6544 was published May 13, 2022
libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name... High Unreviewed
CVE-2018-9918 was published May 13, 2022
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.... Moderate Unreviewed
CVE-2018-9996 was published May 13, 2022
The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery... High Unreviewed
CVE-2016-3627 was published May 14, 2022
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Moderate Unreviewed
CVE-2022-1771 was published May 19, 2022
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of... Moderate Unreviewed
CVE-2022-30974 was published May 19, 2022
Improper path handling in Kustomization files allows for denial of service High
CVE-2022-24878 was published for github.com/fluxcd/flux2 (Go) May 20, 2022
hiddeco
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database