GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,092 advisories
A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens...
Severity: Moderate (Unreviewed). CVE-2020-10752 was published May 24, 2022.
In Parse_art of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check....
Severity: Moderate (Unreviewed). CVE-2020-0172 was published May 24, 2022.
In Parse_ptbl of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check....
Severity: Moderate (Unreviewed). CVE-2020-0174 was published May 24, 2022.
In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input...
Severity: Moderate (Unreviewed). CVE-2020-0175 was published May 24, 2022.
In RTTTL_Event of eas_rtttl.c, there is possible resource exhaustion due to a missing bounds...
Severity: Moderate (Unreviewed). CVE-2020-0169 was published May 24, 2022.
In Parse_lart of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check....
Severity: Moderate (Unreviewed). CVE-2020-0171 was published May 24, 2022.
In IMY_Event of eas_imelody.c, there is possible resource exhaustion due to a missing bounds...
Severity: Moderate (Unreviewed). CVE-2020-0170 was published May 24, 2022.
In Parse_lins of eas_mdls.c, there is possible resource exhaustion due to improper input...
Severity: Moderate (Unreviewed). CVE-2020-0173 was published May 24, 2022.
A memory consumption issue was addressed with improved memory handling. This issue is fixed in...
Severity: High (Unreviewed). CVE-2020-9859 was published May 24, 2022.
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource...
Severity: Moderate (Unreviewed). CVE-2020-13808 was published May 24, 2022.
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free...
Severity: Moderate (Unreviewed). CVE-2020-13806 was published May 24, 2022.
An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows memory consumption because...
Severity: Moderate (Unreviewed). CVE-2019-20814 was published May 24, 2022.
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption...
Severity: Moderate (Unreviewed). CVE-2019-20819 was published May 24, 2022.
An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows stack consumption via nested...
Severity: Moderate (Unreviewed). CVE-2019-20815 was published May 24, 2022.
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption...
Severity: Moderate (Unreviewed). CVE-2019-20818 was published May 24, 2022.
A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco...
Severity: High (Unreviewed). CVE-2020-3203 was published May 24, 2022.
An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function...
Severity: Moderate (Unreviewed). CVE-2019-20812 was published May 24, 2022.
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before...
Severity: Moderate (Unreviewed). CVE-2020-6937 was published May 24, 2022.
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF...
Severity: High (Unreviewed). CVE-2020-13114 was published May 24, 2022.
A remote user can create a specially crafted M3U file, media playlist file that when loaded by...
Severity: Moderate (Unreviewed). CVE-2020-13152 was published May 24, 2022.
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash....
Severity: Moderate (Unreviewed). CVE-2020-13164 was published May 24, 2022.
Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker...
Severity: Moderate (Unreviewed). CVE-2020-12667 was published May 24, 2022.
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against...
Severity: Moderate (Unreviewed). CVE-2020-10995 was published May 24, 2022.
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces...
Severity: Moderate (Unreviewed). CVE-2019-20794 was published May 24, 2022.
A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software...
Severity: Moderate (Unreviewed). CVE-2020-3334 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.