GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
486 advisories
An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes...
Moderate
Unreviewed
CVE-2020-14398
was published
May 24, 2022
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via...
Moderate
Unreviewed
CVE-2020-13800
was published
May 24, 2022
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
Moderate
Unreviewed
CVE-2020-12663
was published
May 24, 2022
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8...
High
Unreviewed
CVE-2020-7046
was published
May 24, 2022
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process...
Low
Unreviewed
CVE-2015-6815
was published
May 24, 2022
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an...
High
Unreviewed
CVE-2019-20421
was published
May 24, 2022
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a...
Moderate
Unreviewed
CVE-2015-5278
was published
May 24, 2022
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a...
Moderate
Unreviewed
CVE-2015-5239
was published
May 24, 2022
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource...
Moderate
Unreviewed
CVE-2020-1600
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality...
Moderate
Unreviewed
CVE-2019-5091
was published
May 24, 2022
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or...
Moderate
Unreviewed
CVE-2019-18180
was published
May 24, 2022
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in...
High
Unreviewed
CVE-2019-5097
was published
May 24, 2022
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid...
Moderate
Unreviewed
CVE-2019-19451
was published
May 24, 2022
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service...
High
Unreviewed
CVE-2019-18217
was published
May 24, 2022
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of...
Moderate
Unreviewed
CVE-2019-17349
was published
May 24, 2022
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of...
Moderate
Unreviewed
CVE-2019-17350
was published
May 24, 2022
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite...
High
Unreviewed
CVE-2019-16319
was published
May 24, 2022
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service...
Moderate
Unreviewed
CVE-2019-15143
was published
May 24, 2022
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek...
High
Unreviewed
CVE-2019-14442
was published
May 24, 2022
In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c.
Moderate
Unreviewed
CVE-2019-14372
was published
May 24, 2022
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does...
Moderate
Unreviewed
CVE-2019-1010189
was published
May 24, 2022
Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an...
Moderate
Unreviewed
CVE-2019-13453
was published
May 24, 2022
On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests made to an undisclosed...
Moderate
Unreviewed
CVE-2019-6638
was published
May 24, 2022
An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an...
Moderate
Unreviewed
CVE-2019-3560
was published
May 24, 2022
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and...
High
Unreviewed
CVE-2019-3900
was published
May 24, 2022