Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

585 advisories

Loading
A stack overflow in pupnp 1.16.1 can cause the denial of service through the Parser_parseDocument... High Unreviewed
CVE-2021-28302 was published May 24, 2022
An unauthenticated specially crafted packet sent by an attacker over the network will cause a... High Unreviewed
CVE-2020-24685 was published May 24, 2022
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation... High Unreviewed
CVE-2021-25173 was published May 24, 2022
A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX... High Unreviewed
CVE-2021-0217 was published May 24, 2022
NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in... High Unreviewed
CVE-2021-1057 was published May 24, 2022
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An... High Unreviewed
CVE-2020-9124 was published May 24, 2022
Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough... High Unreviewed
CVE-2020-35359 was published May 24, 2022
An issue was discovered in Xen XAPI before 2020-12-15. Certain xenstore keys provide feedback... High Unreviewed
CVE-2020-29487 was published May 24, 2022
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. High Unreviewed
CVE-2020-8037 was published May 24, 2022
Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote... High Unreviewed
CVE-2020-27978 was published May 24, 2022
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw... High Unreviewed
CVE-2020-25648 was published May 24, 2022
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of... High Unreviewed
CVE-2020-3569 was published May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR... High Unreviewed
CVE-2020-3566 was published May 24, 2022
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit... High Unreviewed
CVE-2020-14405 was published May 24, 2022
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF... High Unreviewed
CVE-2020-13114 was published May 24, 2022
SHAREit through 4.0.6.177 does not check the full message length from the received packet header ... High Unreviewed
CVE-2019-15234 was published May 24, 2022
SHAREit through 4.0.6.177 does not check the body length from the received packet header (which... High Unreviewed
CVE-2019-14941 was published May 24, 2022
Golang Facebook Thrift servers vulnerable to denial of service High
CVE-2019-11939 was published for github.com/facebook/fbthrift (Go) May 24, 2022
C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes... High Unreviewed
CVE-2019-3553 was published May 24, 2022
An issue was discovered in NiceHash Miner before 2.0.3.0. A missing rate limit while adding a... High Unreviewed
CVE-2019-6120 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ... High Unreviewed
CVE-2019-5043 was published May 24, 2022
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache... High Unreviewed
CVE-2019-10079 was published May 24, 2022
By design, BIND is intended to limit the number of TCP clients that can be connected at any given... High Unreviewed
CVE-2018-5743 was published May 24, 2022
An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software... High Unreviewed
CVE-2019-5031 was published May 24, 2022
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection... High Unreviewed
CVE-2019-14958 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database