Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,366 advisories

Loading
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017... Moderate Unreviewed
CVE-2020-3753 was published May 24, 2022
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All... Moderate Unreviewed
CVE-2019-13925 was published May 24, 2022
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An... Moderate Unreviewed
CVE-2020-1700 was published May 24, 2022
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause... Moderate Unreviewed
CVE-2019-20446 was published May 24, 2022
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8... Moderate Unreviewed
CVE-2020-8492 was published May 24, 2022
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation... Moderate Unreviewed
CVE-2020-7052 was published May 24, 2022
Denial of service in ASP.NET Core Moderate
CVE-2020-0602 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
Credited to skofman1
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in... Moderate Unreviewed
CVE-2020-6610 was published May 24, 2022
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. Moderate Unreviewed
CVE-2019-20176 was published May 24, 2022
An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML... Moderate Unreviewed
CVE-2019-20201 was published May 24, 2022
A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker... Moderate Unreviewed
CVE-2019-15584 was published May 24, 2022
Inefficient Regular Expression Complexity in Jenkins Build Failure Analyzer Plugin Moderate
CVE-2019-16555 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022
GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of... Moderate Unreviewed
CVE-2019-15593 was published May 24, 2022
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol... Moderate Unreviewed
CVE-2019-15264 was published May 24, 2022
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard... Moderate Unreviewed
CVE-2019-10936 was published May 24, 2022
A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8)... Moderate Unreviewed
CVE-2019-10923 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway... Moderate Unreviewed
CVE-2019-12714 was published May 24, 2022
A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco... Moderate Unreviewed
CVE-2019-12700 was published May 24, 2022
IBM MQ 9.1.0.0, 9.1.0.1, 9.1.1, and 9.1.0.2 is vulnerable to a denial of service due to a local... Moderate Unreviewed
CVE-2019-4049 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of... Moderate Unreviewed
CVE-2019-9516 was published May 24, 2022
Imgix through 2019-06-19 allows remote attackers to cause a denial of service (resource... Moderate Unreviewed
CVE-2019-13655 was published May 24, 2022
A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2019-0046 was published May 24, 2022
DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by... Moderate Unreviewed
CVE-2019-5445 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST... Moderate Unreviewed
CVE-2019-11391 was published May 24, 2022
An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0. /rules/REQUEST... Moderate Unreviewed
CVE-2019-11388 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database