Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

325 advisories

Loading
A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with... Moderate Unreviewed
CVE-2022-1325 was published Sep 1, 2022
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function ... Moderate Unreviewed
CVE-2020-35534 was published Sep 2, 2022
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before... Moderate Unreviewed
CVE-2019-15165 was published May 24, 2022
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in... Moderate Unreviewed
CVE-2020-6610 was published May 24, 2022
rdiffweb has no rate limit on resend email feature Moderate
CVE-2022-4723 was published for rdiffweb (pip) Dec 27, 2022
pyftpdlib vulnerable to allocation of resources without limits Moderate
CVE-2007-6740 was published for pyftpdlib (pip) May 1, 2022
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. Moderate Unreviewed
CVE-2020-15806 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping... Moderate Unreviewed
CVE-2020-29570 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored... Moderate Unreviewed
CVE-2020-29486 was published May 24, 2022
An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of... Moderate Unreviewed
CVE-2020-29567 was published May 24, 2022
An attacker-controlled memory allocation size can be passed to the C++ new operator in the... Moderate Unreviewed
CVE-2020-5806 was published May 24, 2022
A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker... Moderate Unreviewed
CVE-2021-1350 was published May 24, 2022
A flaw was found in the spice-vdagentd daemon, where it did not properly handle client... Moderate Unreviewed
CVE-2020-25652 was published May 24, 2022
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system... Moderate Unreviewed
CVE-2020-25650 was published May 24, 2022
IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by... Moderate Unreviewed
CVE-2022-22488 was published Dec 12, 2022
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are... Moderate Unreviewed
CVE-2020-29568 was published May 24, 2022
tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long... Moderate Unreviewed
CVE-2022-36155 was published Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via... Moderate Unreviewed
CVE-2022-35113 was published Aug 17, 2022
Denial of service in Mattermost Moderate
CVE-2022-4044 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022
Denial of service in Mattermost Moderate
CVE-2022-4045 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When... Moderate Unreviewed
CVE-2021-22210 was published May 24, 2022
There is a resource management error vulnerability in the verisions V500R001C60SPC500,... Moderate Unreviewed
CVE-2021-22360 was published May 24, 2022
A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions... Moderate Unreviewed
CVE-2021-25666 was published May 24, 2022
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12... Moderate Unreviewed
CVE-2021-22207 was published May 24, 2022
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user... Moderate Unreviewed
CVE-2022-4019 was published Nov 23, 2022
ProTip! Advisories are also available from the GraphQL API