Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,645 advisories

Loading
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles... Moderate Unreviewed
CVE-2020-1021 was published May 24, 2022
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local... Moderate Unreviewed
CVE-2019-14898 was published May 24, 2022
The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows local privilege escalation via... Moderate Unreviewed
CVE-2020-9475 was published May 24, 2022
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x... Low Unreviewed
CVE-2020-12114 was published May 24, 2022
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1... Moderate Unreviewed
CVE-2020-5876 was published May 24, 2022
In the Linux kernel through 5.6.7 on the s390 platform, code execution may occur because of a... Moderate Unreviewed
CVE-2020-11884 was published May 24, 2022
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 ... Moderate Unreviewed
CVE-2020-11810 was published May 24, 2022
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a... Moderate Unreviewed
CVE-2020-6819 was published May 24, 2022
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after... Moderate Unreviewed
CVE-2020-6820 was published May 24, 2022
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of... Moderate Unreviewed
CVE-2020-11739 was published May 24, 2022
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1... Moderate Unreviewed
CVE-2020-8834 was published May 24, 2022
A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol... Moderate Unreviewed
CVE-2020-1629 was published May 24, 2022
A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and... Low Unreviewed
CVE-2020-3894 was published May 24, 2022
An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that... Moderate Unreviewed
CVE-2020-10577 was published May 24, 2022
init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting... Moderate Unreviewed
CVE-2020-10174 was published May 24, 2022
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64... Moderate Unreviewed
CVE-2019-20384 was published May 24, 2022
log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation.... High Unreviewed
CVE-2019-18932 was published May 24, 2022
A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR32..-.....-.... High Unreviewed
CVE-2019-19278 was published May 24, 2022
In LowEnergyClient::MtuChangedCallback of low_energy_client.cc, there is a possible out of bounds... Low Unreviewed
CVE-2020-0008 was published May 24, 2022
During the initialization of a new content process, a race condition occurs that can allow a... Low Unreviewed
CVE-2019-17021 was published May 24, 2022
Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a... Moderate Unreviewed
CVE-2019-17011 was published May 24, 2022
Under certain conditions, when checking the Resist Fingerprinting preference during device... Moderate Unreviewed
CVE-2019-17010 was published May 24, 2022
By using a form with a data URI it was possible to gain access to the privileged JSONView object... Moderate Unreviewed
CVE-2019-11761 was published May 24, 2022
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas... Moderate Unreviewed
CVE-2019-19965 was published May 24, 2022
Cryptographic timing conditions in the subsystem for Intel(R) PTT before versions 11.8.70, 11.11... Moderate Unreviewed
CVE-2019-11090 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database