GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,309 advisories
CVE-2020-29486 (Moderate, Unreviewed), published May 24, 2022: An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored...
CVE-2020-25652 (Moderate, Unreviewed), published May 24, 2022: A flaw was found in the spice-vdagentd daemon, where it did not properly handle client...
CVE-2020-25650 (Moderate, Unreviewed), published May 24, 2022: A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system...
CVE-2020-8037 (High, Unreviewed), published May 24, 2022: The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
CVE-2020-27978 (High, Unreviewed), published May 24, 2022: Shibboleth Identity Provider 3.x before 3.4.6 has a denial of service flaw. A remote...
CVE-2020-25648 (High, Unreviewed), published May 24, 2022: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw...
CVE-2020-3569 (High, Unreviewed), published May 24, 2022: Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of...
CVE-2020-3566 (High, Unreviewed), published May 24, 2022: A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR...
CVE-2020-15806 (Moderate, Unreviewed), published May 24, 2022: CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
CVE-2020-14405 (High, Unreviewed), published May 24, 2022: An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit...
CVE-2020-13114 (High, Unreviewed), published May 24, 2022: An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF...
CVE-2020-10717 (Low, Unreviewed), published May 24, 2022: A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd)...
CVE-2019-14941 (High, Unreviewed), published May 24, 2022: SHAREit through 4.0.6.177 does not check the body length from the received packet header (which...
CVE-2019-15234 (High, Unreviewed), published May 24, 2022: SHAREit through 4.0.6.177 does not check the full message length from the received packet header ...
CVE-2019-11939 (High), published for github.com/facebook/fbthrift (Go), May 24, 2022: Golang Facebook Thrift servers vulnerable to denial of service
CVE-2019-3553 (High, Unreviewed), published May 24, 2022: C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes...
CVE-2020-6610 (Moderate, Unreviewed), published May 24, 2022: GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in...
CVE-2019-14834 (Moderate, Unreviewed), published May 24, 2022: A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote...
CVE-2019-15593 (Moderate, Unreviewed), published May 24, 2022: GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of...
CVE-2019-6120 (High, Unreviewed), published May 24, 2022: An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a...
CVE-2019-5043 (High, Unreviewed), published May 24, 2022: An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ...
CVE-2019-10079 (High, Unreviewed), published May 24, 2022: Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache...
CVE-2019-12611 (Moderate, Unreviewed), published May 24, 2022: An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the...
CVE-2018-5743 (High, Unreviewed), published May 24, 2022: By design, BIND is intended to limit the number of TCP clients that can be connected at any given...
CVE-2019-15165 (Moderate, Unreviewed), published May 24, 2022: sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before...