Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

281,455 advisories

Loading
An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content... Moderate Unreviewed
CVE-2017-17844 was published May 13, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c... Moderate Unreviewed
CVE-2017-17814 was published May 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17411 was published May 14, 2022
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm... Moderate Unreviewed
CVE-2017-17815 was published May 14, 2022
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero... High Unreviewed
CVE-2017-17805 was published May 14, 2022
Puppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated users to manage certificates... Moderate Unreviewed
CVE-2015-4100 was published May 24, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a... Moderate Unreviewed
CVE-2017-17810 was published May 14, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c... Moderate Unreviewed
CVE-2017-17816 was published May 14, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function... Moderate Unreviewed
CVE-2017-17813 was published May 14, 2022
The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding... Low Unreviewed
CVE-2017-17807 was published May 13, 2022
The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that... High Unreviewed
CVE-2017-17806 was published May 13, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that... Moderate Unreviewed
CVE-2017-17817 was published May 14, 2022
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc()... Moderate Unreviewed
CVE-2017-17819 was published May 14, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function... Moderate Unreviewed
CVE-2017-17812 was published May 13, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a... High Unreviewed
CVE-2017-17818 was published May 13, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm... Moderate Unreviewed
CVE-2017-17820 was published May 14, 2022
In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a... Moderate Unreviewed
CVE-2017-17811 was published May 14, 2022
In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses)... Moderate Unreviewed
CVE-2017-5257 was published May 13, 2022
In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the... Moderate Unreviewed
CVE-2017-5256 was published May 13, 2022
This vulnerability allows remote attackers to disclose sensitive information on vulnerable... Moderate Unreviewed
CVE-2017-16584 was published May 13, 2022
This vulnerability allows remote attackers to disclose sensitive information on vulnerable... Moderate Unreviewed
CVE-2017-16588 was published May 13, 2022
This vulnerability allows remote attackers to disclose sensitive information on vulnerable... Moderate Unreviewed
CVE-2017-16574 was published May 13, 2022
This vulnerability allows remote attackers to disclose sensitive information on vulnerable... Moderate Unreviewed
CVE-2017-16589 was published May 13, 2022
This vulnerability allows remote attackers to disclose sensitive information on vulnerable... Moderate Unreviewed
CVE-2017-16579 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-16572 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database