GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,342
Erlang: 31
GitHub Actions: 22
Go: 2,106
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,451
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
2,861 advisories
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a...
Moderate | Unreviewed | CVE-2017-1495 was published May 17, 2022

Improper handling between export and release functions on the same handle from client can lead to...
Moderate | Unreviewed | CVE-2021-35120 was published Jun 15, 2022

An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue...
Moderate | Unreviewed | CVE-2016-4663 was published May 17, 2022

Improper validation of session id in PCM routing process can lead to memory corruption in...
Moderate | Unreviewed | CVE-2021-35098 was published Jun 15, 2022

A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers...
Moderate | Unreviewed | CVE-2017-3824 was published May 17, 2022

There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in...
Moderate | Unreviewed | CVE-2017-11339 was published May 17, 2022

STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted...
Moderate | Unreviewed | CVE-2017-8387 was published May 17, 2022

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An...
Moderate | Unreviewed | CVE-2021-3598 was published May 24, 2022

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer...
Moderate | Unreviewed | CVE-2016-9374 was published May 17, 2022

Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to...
Moderate | Unreviewed | CVE-2016-4492 was published May 17, 2022

The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial...
Moderate | Unreviewed | CVE-2016-4491 was published May 17, 2022

The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2017-11551 was published May 17, 2022

Due to lack of proper memory management, when a victim opens manipulated AutoCAD (.dxf,...
Moderate | Unreviewed | CVE-2022-41173 was published Oct 12, 2022

Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj,...
Moderate | Unreviewed | CVE-2022-41166 was published Oct 12, 2022

Due to lack of proper memory management, when a victim opens manipulated CATIA4 Part (.model,...
Moderate | Unreviewed | CVE-2022-41171 was published Oct 12, 2022

A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software...
Moderate | Unreviewed | CVE-2017-3879 was published May 17, 2022

There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker...
Moderate | Unreviewed | CVE-2021-3605 was published May 24, 2022

The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9...
Moderate | Unreviewed | CVE-2016-6416 was published May 17, 2022

IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow...
Moderate | Unreviewed | CVE-2017-1310 was published May 17, 2022

Due to lack of proper memory management, when a victim opens manipulated Parasolid Part and...
Moderate | Unreviewed | CVE-2022-41182 was published Oct 12, 2022

Due to lack of proper memory management, when a victim opens manipulated SolidWorks Drawing (...
Moderate | Unreviewed | CVE-2022-39807 was published Oct 12, 2022

Due to lack of proper memory management, when a victim opens manipulated Right Hemisphere...
Moderate | Unreviewed | CVE-2022-41174 was published Oct 12, 2022

Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly (...
Moderate | Unreviewed | CVE-2022-41178 was published Oct 12, 2022

Due to lack of proper memory management, when a victim opens manipulated Enhanced Metafile (.emf,...
Moderate | Unreviewed | CVE-2022-41176 was published Oct 12, 2022

SWFTools 2013-04-09-1007 on Windows has a "Data from Faulting Address controls Branch Selection...
Moderate | Unreviewed | CVE-2017-8420 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.