GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,272
Erlang: 31
GitHub Actions: 21
Go: 2,047
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
321 advisories
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
High, Unreviewed, CVE-2020-8037 was published May 24, 2022
Shibboleth Identity Provider 3.x before 3.4.6 has a denial of service flaw. A remote...
High, Unreviewed, CVE-2020-27978 was published May 24, 2022
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw...
High, Unreviewed, CVE-2020-25648 was published May 24, 2022
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of...
High, Unreviewed, CVE-2020-3569 was published May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR...
High, Unreviewed, CVE-2020-3566 was published May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit...
High, Unreviewed, CVE-2020-14405 was published May 24, 2022
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF...
High, Unreviewed, CVE-2020-13114 was published May 24, 2022
SHAREit through 4.0.6.177 does not check the full message length from the received packet header ...
High, Unreviewed, CVE-2019-15234 was published May 24, 2022
SHAREit through 4.0.6.177 does not check the body length from the received packet header (which...
High, Unreviewed, CVE-2019-14941 was published May 24, 2022
C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes...
High, Unreviewed, CVE-2019-3553 was published May 24, 2022
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a...
High, Unreviewed, CVE-2019-6120 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ...
High, Unreviewed, CVE-2019-5043 was published May 24, 2022
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache...
High, Unreviewed, CVE-2019-10079 was published May 24, 2022
By design, BIND is intended to limit the number of TCP clients that can be connected at any given...
High, Unreviewed, CVE-2018-5743 was published May 24, 2022
An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software...
High, Unreviewed, CVE-2019-5031 was published May 24, 2022
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection...
High, Unreviewed, CVE-2019-14958 was published May 24, 2022
In tzdata there is possible memory corruption due to a mismatch between allocation and...
High, Unreviewed, CVE-2019-9290 was published May 24, 2022
In Bluetooth, there is a possible remote code execution due to an improper memory allocation....
High, Unreviewed, CVE-2019-9291 was published May 24, 2022
Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk...
High, Unreviewed, CVE-2019-16889 was published May 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or...
High, Unreviewed, CVE-2019-4338 was published May 24, 2022
A peer could send empty handshake fragments containing only padding which would be kept in memory...
High, Unreviewed, CVE-2019-11924 was published May 24, 2022
In Envoy through 1.11.1, users may configure a route to match incoming path headers via the...
High, Unreviewed, CVE-2019-15225 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may...
High, Unreviewed, CVE-2019-9012 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially...
High, Unreviewed, CVE-2019-9517 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial...
High, Unreviewed, CVE-2019-9515 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.