GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
382 advisories

Out of bound write in logger due to prefix size is not validated while prepended to logging...
Severity: High | Unreviewed | CVE-2020-11294 was published May 24, 2022

Buffer overflow occurs when trying to convert ASCII string to Unicode string if the actual size...
Severity: High | Unreviewed | CVE-2020-11308 was published May 24, 2022

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in...
Severity: High | Unreviewed | CVE-2020-11226 was published May 24, 2022

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size...
Severity: Critical | Unreviewed | CVE-2020-11227 was published May 24, 2022

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The...
Severity: High | Unreviewed | CVE-2020-25241 was published May 24, 2022

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Severity: Critical | Unreviewed | CVE-2020-35636 was published May 24, 2022

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Severity: Critical | Unreviewed | CVE-2020-28601 was published May 24, 2022

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Severity: Critical | Unreviewed | CVE-2020-28636 was published May 24, 2022

A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal...
Severity: Critical | Unreviewed | CVE-2020-35628 was published May 24, 2022

Possible out of bounds while accessing global control elements due to race condition in...
Severity: High | Unreviewed | CVE-2020-11271 was published May 24, 2022

Possible memory corruption in BSI module due to improper validation of parameter count in...
Severity: High | Unreviewed | CVE-2020-11187 was published May 24, 2022

Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation...
Severity: Critical | Unreviewed | CVE-2020-11163 was published May 24, 2022

Out of bound write while copying data using IOCTL due to lack of check of array index received...
Severity: High | Unreviewed | CVE-2020-11146 was published May 24, 2022

In x/text in Go 1.15.4, a "slice bounds out of range" panic occurs in language...
Severity: High | Unreviewed | CVE-2020-28852 was published May 24, 2022

In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage...
Severity: High | Unreviewed | CVE-2020-28851 was published May 24, 2022

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has...
Severity: Moderate | Unreviewed | CVE-2020-20412 was published May 24, 2022

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ...
Severity: Critical | Unreviewed | CVE-2020-27485 was published May 24, 2022

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ...
Severity: Critical | Unreviewed | CVE-2020-27483 was published May 24, 2022

When a non standard SIP sigcomp message is received from the network, then there may be chances...
Severity: Critical | Unreviewed | CVE-2020-3639 was published May 24, 2022

Incorrect validation of ring context fetched from host memory can lead to memory overflow in...
Severity: High | Unreviewed | CVE-2020-3632 was published May 24, 2022

Buffer overflow can happen as part of SIP message packet processing while storing values in...
Severity: Critical | Unreviewed | CVE-2020-3673 was published May 24, 2022

Buffer overflow occurs while processing SIP message packet due to lack of check of index...
Severity: Critical | Unreviewed | CVE-2020-3654 was published May 24, 2022

Array index underflow issue in adsp driver due to improper check of channel id before used as...
Severity: High | Unreviewed | CVE-2020-11174 was published May 24, 2022

SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access...
Severity: High | Unreviewed | CVE-2019-10527 was published May 24, 2022

Possible memory corruption in perfservice due to improper validation array length taken from user...
Severity: Moderate | Unreviewed | CVE-2020-3676 was published May 24, 2022