GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

111 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode... Critical Unreviewed

CVE-2017-14626 was published May 13, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function... Critical Unreviewed

CVE-2017-14625 was published May 13, 2022

ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. Critical Unreviewed

CVE-2017-14532 was published May 13, 2022

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function... Critical Unreviewed

CVE-2017-14624 was published May 13, 2022

GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders... Critical Unreviewed

CVE-2017-11637 was published May 14, 2022

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c. Critical Unreviewed

CVE-2017-11125 was published May 13, 2022

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c. Critical Unreviewed

CVE-2017-11124 was published May 13, 2022

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL... Critical Unreviewed

CVE-2017-3169 was published May 13, 2022

elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU... Critical Unreviewed

CVE-2017-7614 was published May 17, 2022

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7... Critical Unreviewed

CVE-2016-5690 was published May 17, 2022

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to... Critical Unreviewed

CVE-2016-5689 was published May 17, 2022

`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was... Critical Unreviewed

CVE-2024-11705 was published Nov 26, 2024

Incomplete validation in boosted trees code Critical

CVE-2021-41208 was published for tensorflow (pip) Nov 10, 2021

An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers... Critical Unreviewed

CVE-2023-46427 was published Mar 9, 2024

Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda... Critical Unreviewed

CVE-2024-23080 was published Apr 10, 2024

An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial... Critical Unreviewed

CVE-2023-47003 was published Nov 16, 2023

An issue in coap_msg.c in Keith Cullen's FreeCoAP v.0.7 allows remote attackers to cause a Denial... Critical Unreviewed

CVE-2024-31030 was published May 31, 2024

JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org... Critical Unreviewed

CVE-2024-23078 was published Apr 8, 2024

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new... Critical Unreviewed

CVE-2024-35960 was published May 20, 2024

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU... Critical Unreviewed

CVE-2024-27053 was published May 1, 2024

In libarchive 3.6.1, the software does not check for an error after calling calloc function that... Critical Unreviewed

CVE-2022-36227 was published Nov 22, 2022

The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in... Critical Unreviewed

CVE-2022-36648 was published Aug 22, 2023

ecnepsnai/web vulnerable to Uncontrolled Resource Consumption Critical

CVE-2021-4236 was published for github.com/ecnepsnai/web (Go) Dec 28, 2022

Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can... Critical Unreviewed

CVE-2021-35068 was published Feb 12, 2022

An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy... Critical Unreviewed

CVE-2023-23087 was published Feb 3, 2023

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

111 advisories