Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

920 advisories

Loading
In tzdata there is possible memory corruption due to a mismatch between allocation and... High Unreviewed
CVE-2019-9290 was published May 24, 2022
In Bluetooth, there is a possible remote code execution due to an improper memory allocation.... High Unreviewed
CVE-2019-9291 was published May 24, 2022
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk... High Unreviewed
CVE-2019-16889 was published May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or... High Unreviewed
CVE-2019-4338 was published May 24, 2022
A peer could send empty handshake fragments containing only padding which would be kept in memory... High Unreviewed
CVE-2019-11924 was published May 24, 2022
In Envoy through 1.11.1, users may configure a route to match incoming path headers via the... High Unreviewed
CVE-2019-15225 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may... High Unreviewed
CVE-2019-9012 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially... High Unreviewed
CVE-2019-9517 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial... High Unreviewed
CVE-2019-9515 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a... High Unreviewed
CVE-2019-9518 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of... Moderate Unreviewed
CVE-2019-9516 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization... High Unreviewed
CVE-2019-9511 was published May 24, 2022
It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17,... High Unreviewed
CVE-2019-10171 was published May 24, 2022
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8... Moderate Unreviewed
CVE-2019-10163 was published May 24, 2022
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By... Moderate Unreviewed
CVE-2019-13954 was published May 24, 2022
** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of... Moderate Unreviewed
CVE-2019-13960 was published May 24, 2022
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an... Moderate Unreviewed
CVE-2019-13112 was published May 24, 2022
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in... High Unreviewed
CVE-2019-11478 was published May 24, 2022
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This... High Unreviewed
CVE-2019-11479 was published May 24, 2022
An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221... High Unreviewed
CVE-2018-7821 was published May 24, 2022
A vulnerability in the TCP ingress handler for the data interfaces that are configured with... High Unreviewed
CVE-2018-15462 was published May 24, 2022
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper... High Unreviewed
CVE-2019-3721 was published May 24, 2022
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of... Moderate Unreviewed
CVE-2019-3882 was published May 24, 2022
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers... Moderate Unreviewed
CVE-2008-5180 was published May 17, 2022
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by ... Moderate Unreviewed
CVE-2022-30775 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database