Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,315 advisories

Loading
OpenStack Glance Denial of service by creating a large number of images High
CVE-2014-9684 was published for glance (pip) May 17, 2022
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
MarkLee131
Credited to MarkLee131
Plone is vulnerable to denial of service High
CVE-2012-5499 was published for Plone (pip) May 17, 2022
Erlang Solutions MongooseIM vulnerable to denial of service (DoS) via crafted XMPP stream High
CVE-2014-2829 was published for MongooseIM (Erlang) May 17, 2022
OpenStack Nova VMWare driver leaks rescued images High
CVE-2014-2573 was published for nova (pip) May 17, 2022
OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image Moderate
CVE-2013-2096 was published for nova (pip) May 17, 2022
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of... Moderate Unreviewed
CVE-2019-3882 was published May 24, 2022
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper... High Unreviewed
CVE-2019-3721 was published May 24, 2022
A vulnerability in the TCP ingress handler for the data interfaces that are configured with... High Unreviewed
CVE-2018-15462 was published May 24, 2022
An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221... High Unreviewed
CVE-2018-7821 was published May 24, 2022
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This... High Unreviewed
CVE-2019-11479 was published May 24, 2022
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in... High Unreviewed
CVE-2019-11478 was published May 24, 2022
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an... Moderate Unreviewed
CVE-2019-13112 was published May 24, 2022
** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of... Moderate Unreviewed
CVE-2019-13960 was published May 24, 2022
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By... Moderate Unreviewed
CVE-2019-13954 was published May 24, 2022
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8... Moderate Unreviewed
CVE-2019-10163 was published May 24, 2022
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17,... High Unreviewed
CVE-2019-10171 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization... High Unreviewed
CVE-2019-9511 was published May 24, 2022
golang.org/x/net/http vulnerable to a reset flood High
CVE-2019-9514 was published for golang.org/x/net (Go) May 24, 2022
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of... Moderate Unreviewed
CVE-2019-9516 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial... High Unreviewed
CVE-2019-9515 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a... High Unreviewed
CVE-2019-9518 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially... High Unreviewed
CVE-2019-9517 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may... High Unreviewed
CVE-2019-9012 was published May 24, 2022
In Envoy through 1.11.1, users may configure a route to match incoming path headers via the... High Unreviewed
CVE-2019-15225 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database