GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
2,321 advisories
Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a...
Moderate | Unreviewed | CVE-2020-8740 was published May 24, 2022
Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user...
Moderate | Unreviewed | CVE-2020-0592 was published May 24, 2022
libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.
Moderate | Unreviewed | CVE-2020-28241 was published May 24, 2022
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI...
Moderate | Unreviewed | CVE-2019-14715 was published May 24, 2022
Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3...
Moderate | Unreviewed | CVE-2020-21674 was published May 24, 2022
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer...
Moderate | Unreviewed | CVE-2020-26571 was published May 24, 2022
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer...
Moderate | Unreviewed | CVE-2020-26570 was published May 24, 2022
The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow...
Moderate | Unreviewed | CVE-2020-26572 was published May 24, 2022
fitz/pixmap.c in Artifex MuPDF 1.17.0 has an overflow during pixmap size calculation.
Moderate | Unreviewed | CVE-2020-26519 was published May 24, 2022
QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd...
Moderate | Unreviewed | CVE-2020-25085 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32...
Moderate | Unreviewed | CVE-2020-25600 was published May 24, 2022
A flaw was found in the Linux kernel in versions from 2.2.3 through 5.9.rc5. When changing screen...
Moderate | Unreviewed | CVE-2020-14390 was published May 24, 2022
In NFC, there is a possible out of bounds write due to uninitialized data. This could lead to...
Moderate | Unreviewed | CVE-2020-0326 was published May 24, 2022
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure...
Moderate | Unreviewed | CVE-2020-9727 was published May 24, 2022
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure...
Moderate | Unreviewed | CVE-2020-9728 was published May 24, 2022
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure...
Moderate | Unreviewed | CVE-2020-9730 was published May 24, 2022
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure...
Moderate | Unreviewed | CVE-2020-9731 was published May 24, 2022
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure...
Moderate | Unreviewed | CVE-2020-9729 was published May 24, 2022
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PLT file received...
Moderate | Unreviewed | CVE-2020-6359 was published May 24, 2022
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE files...
Moderate | Unreviewed | CVE-2020-6361 was published May 24, 2022
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received...
Moderate | Unreviewed | CVE-2020-6357 was published May 24, 2022
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received...
Moderate | Unreviewed | CVE-2020-6360 was published May 24, 2022
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received...
Moderate | Unreviewed | CVE-2020-6355 was published May 24, 2022
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received...
Moderate | Unreviewed | CVE-2020-6350 was published May 24, 2022
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received...
Moderate | Unreviewed | CVE-2020-6349 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.