GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,389 advisories
The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka...
High | Unreviewed | CVE-2017-16832 was published May 14, 2022
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to...
High | Unreviewed | CVE-2017-16828 was published May 14, 2022
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer...
High | Unreviewed | CVE-2017-16830 was published May 14, 2022
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block...
High | Unreviewed | CVE-2017-17426 was published May 17, 2022
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to...
High | Unreviewed | CVE-2017-1000229 was published May 14, 2022
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the...
Critical | Unreviewed | CVE-2017-1000158 was published May 13, 2022
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an...
Moderate | Unreviewed | CVE-2017-15873 was published May 13, 2022
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5...
High | Unreviewed | CVE-2017-2888 was published May 13, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading...
High | Unreviewed | CVE-2017-8278 was published May 13, 2022
Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via...
High | Unreviewed | CVE-2015-1527 was published May 17, 2022
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick...
High | Unreviewed | CVE-2017-14167 was published May 13, 2022
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might...
Moderate | Unreviewed | CVE-2017-14173 was published May 13, 2022
An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx...
Moderate | Unreviewed | CVE-2017-14051 was published May 14, 2022
Integer overflow in the INT123_parse_new_id3 function in the ID3 parser in mpg123 before 1.25.5...
Moderate | Unreviewed | CVE-2017-12797 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition...
High | Unreviewed | CVE-2017-8267 was published May 17, 2022
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote...
High | Unreviewed | CVE-2017-9835 was published May 13, 2022
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3...
Moderate | Unreviewed | CVE-2017-7542 was published May 13, 2022
Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used...
High | Unreviewed | CVE-2017-9765 was published May 17, 2022
An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c...
Moderate | Unreviewed | CVE-2017-9831 was published May 13, 2022
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus...
Critical | Unreviewed | CVE-2012-6706 was published May 14, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9199 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9200 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c...
Critical | Unreviewed | CVE-2017-9161 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9197 was published May 17, 2022
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c...
Critical | Unreviewed | CVE-2017-9198 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.