Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

486 advisories

Loading
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c... Critical Unreviewed
CVE-2017-12998 was published May 13, 2022
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh(). Critical Unreviewed
CVE-2017-13001 was published May 13, 2022
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c,... Critical Unreviewed
CVE-2017-12993 was published May 13, 2022
The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print(). Critical Unreviewed
CVE-2017-12992 was published May 13, 2022
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). Critical Unreviewed
CVE-2017-12991 was published May 13, 2022
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print(). Critical Unreviewed
CVE-2017-12999 was published May 13, 2022
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). Critical Unreviewed
CVE-2017-12996 was published May 13, 2022
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). Critical Unreviewed
CVE-2017-12994 was published May 13, 2022
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse(). Critical Unreviewed
CVE-2017-12988 was published May 13, 2022
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c... Critical Unreviewed
CVE-2017-12986 was published May 13, 2022
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). Critical Unreviewed
CVE-2017-12985 was published May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c... Critical Unreviewed
CVE-2017-12894 was published May 13, 2022
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c... Critical Unreviewed
CVE-2017-12900 was published May 13, 2022
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c... Critical Unreviewed
CVE-2017-12897 was published May 13, 2022
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). Critical Unreviewed
CVE-2017-12898 was published May 13, 2022
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). Critical Unreviewed
CVE-2017-12901 was published May 13, 2022
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). Critical Unreviewed
CVE-2017-12895 was published May 13, 2022
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x... Critical Unreviewed
CVE-2017-12933 was published May 13, 2022
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). Critical Unreviewed
CVE-2017-12893 was published May 13, 2022
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an... Critical Unreviewed
CVE-2017-12377 was published May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. Critical Unreviewed
CVE-2017-11542 was published May 13, 2022
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c,... Critical Unreviewed
CVE-2017-11541 was published May 13, 2022
In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers... Critical Unreviewed
CVE-2017-11147 was published May 13, 2022
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other... Critical Unreviewed
CVE-2017-10989 was published May 13, 2022
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop... Critical Unreviewed
CVE-2017-1000173 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database