GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,826
Erlang: 36
GitHub Actions: 32
Go: 2,426
Maven: 5,000+
npm: 4,058
NuGet: 723
pip: 3,848
Pub: 12
RubyGems: 934
Rust: 1,006
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
2,959 advisories

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge,...
High | Unreviewed | CVE-2019-17455 was published May 24, 2022

A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008...
Critical | Unreviewed | CVE-2019-17415 was published May 24, 2022

NetSarang XFTP Client 6.0149 and earlier version contains a buffer overflow vulnerability caused...
Critical | Unreviewed | CVE-2019-17320 was published May 24, 2022

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from...
Moderate | Unreviewed | CVE-2019-17402 was published May 24, 2022

IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting...
High | Unreviewed | CVE-2019-17247 was published May 24, 2022

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS...
High | Unreviewed | CVE-2019-17244 was published May 24, 2022

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS...
High | Unreviewed | CVE-2019-17243 was published May 24, 2022

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not...
Critical | Unreviewed | CVE-2019-17133 was published May 24, 2022

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
Moderate | Unreviewed | CVE-2019-15166 was published May 24, 2022

libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read...
High | Unreviewed | CVE-2018-16301 was published May 24, 2022

The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c...
Moderate | Unreviewed | CVE-2018-14879 was published May 24, 2022

Buffer overflow due to improper validation of buffer size while IPA driver processing to perform...
High | Unreviewed | CVE-2019-2333 was published May 24, 2022

Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable...
High | Unreviewed | CVE-2019-2341 was published May 24, 2022

Classic buffer overflow vulnerability while playing the specific video whose Decode picture...
Critical | Unreviewed | CVE-2019-2252 was published May 24, 2022

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019...
High | Unreviewed | CVE-2019-16928 was published May 24, 2022

Mozilla developers and community members reported memory safety bugs present in Firefox 68 and...
Critical | Unreviewed | CVE-2019-11735 was published May 24, 2022

Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some...
Critical | Unreviewed | CVE-2019-11734 was published May 24, 2022

Lack of input validation for data received from user space can lead to OOB access in WLAN in...
High | Unreviewed | CVE-2019-10508 was published May 24, 2022

Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN...
Critical | Unreviewed | CVE-2019-10540 was published May 24, 2022

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE...
Critical | Unreviewed | CVE-2019-10539 was published May 24, 2022

Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in...
High | Unreviewed | CVE-2019-10498 was published May 24, 2022

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT...
High | Unreviewed | CVE-2019-10882 was published May 24, 2022

In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at...
High | Unreviewed | CVE-2019-16887 was published May 24, 2022

A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address...
High | Unreviewed | CVE-2019-12655 was published May 24, 2022

File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by...
Critical | Unreviewed | CVE-2019-16724 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.