Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

207 advisories

Loading
In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an... High Unreviewed
CVE-2021-43173 was published May 24, 2022
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a... High Unreviewed
CVE-2019-20218 was published May 24, 2022
The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash... High Unreviewed
CVE-2019-0060 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2... High Unreviewed
CVE-2019-6829 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Modicon BMENOC 0311, and... High Unreviewed
CVE-2019-6848 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90)... High Unreviewed
CVE-2019-6828 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2... High Unreviewed
CVE-2019-6809 was published May 24, 2022
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager,... High Unreviewed
CVE-2022-36923 was published Aug 11, 2022
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Python Facebook Thrift servers would not error upon receiving messages with containers of fields... High Unreviewed
CVE-2019-3558 was published May 24, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving... High Unreviewed
CVE-2019-3565 was published May 24, 2022
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers... High Unreviewed
CVE-2019-3552 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2019-6807 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7852 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7849 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists IN Modicon M580 all versions prior to V2.80,... High Unreviewed
CVE-2019-6830 was published May 24, 2022
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG... High Unreviewed
CVE-2022-25795 was published Apr 14, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A maliciously crafted PDF file may be used to dereference a pointer for read or write operation... High Unreviewed
CVE-2022-27872 was published Jun 22, 2022
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to... High Unreviewed
CVE-2021-22328 was published May 24, 2022
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for... High Unreviewed
CVE-2021-34549 was published May 24, 2022
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr... High Unreviewed
CVE-2020-5802 was published May 24, 2022
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4... High Unreviewed
CVE-2020-7468 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database