GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,093 advisories
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the...
High | Unreviewed | CVE-2020-16850 was published May 24, 2022

Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W,...
High | Unreviewed | CVE-2020-12524 was published May 24, 2022

An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as...
High | Unreviewed | CVE-2020-10772 was published May 24, 2022

Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially...
High | Unreviewed | CVE-2019-14559 was published May 24, 2022

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU...
High | Unreviewed | CVE-2020-5668 was published May 24, 2022

A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 12.6. The...
Moderate | Unreviewed | CVE-2020-13354 was published May 24, 2022

Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU...
High | Unreviewed | CVE-2020-5666 was published May 24, 2022

Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1.
High | Unreviewed | CVE-2020-28723 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior to 3.8.3 devices allow denial of service (Uncontrolled...
High | Unreviewed | CVE-2020-24573 was published May 24, 2022

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and...
High | Unreviewed | CVE-2020-15783 was published May 24, 2022

In Message and toBundle of Notification.java, there is a possible resource exhaustion due to...
High | Unreviewed | CVE-2020-0441 was published May 24, 2022

Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series...
High | Unreviewed | CVE-2020-5652 was published May 24, 2022

Resource Management Errors vulnerability in TCP/IP function included in the firmware of MELSEC iQ...
High | Unreviewed | CVE-2020-5658 was published May 24, 2022

In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan...
High | Unreviewed | CVE-2020-28030 was published May 24, 2022

On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic...
High | Unreviewed | CVE-2020-5936 was published May 24, 2022

Shibboleth Identity Provider 3.x before 3.4.6 has a denial of service flaw. A remote...
High | Unreviewed | CVE-2020-27978 was published May 24, 2022

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in...
Moderate | Unreviewed | CVE-2019-8774 was published May 24, 2022

A memory consumption issue was addressed with improved memory handling. This issue is fixed in...
High | Unreviewed | CVE-2018-4474 was published May 24, 2022

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in...
Moderate | Unreviewed | CVE-2018-4381 was published May 24, 2022

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest...
Moderate | Unreviewed | CVE-2020-27673 was published May 24, 2022

IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local...
Moderate | Unreviewed | CVE-2020-4491 was published May 24, 2022

A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA)...
High | Unreviewed | CVE-2020-3572 was published May 24, 2022

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD)...
High | Unreviewed | CVE-2020-3563 was published May 24, 2022

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software...
High | Unreviewed | CVE-2020-3554 was published May 24, 2022

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security...
High | Unreviewed | CVE-2020-3528 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.