GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
438 advisories

Shibboleth Identity Provider 3.x before 3.4.6 has a denial of service flaw. A remote...
High, Unreviewed. CVE-2020-27978 was published May 24, 2022

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
High, Unreviewed. CVE-2020-8037 was published May 24, 2022

An issue was discovered in Xen XAPI before 2020-12-15. Certain xenstore keys provide feedback...
High, Unreviewed. CVE-2020-29487 was published May 24, 2022

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An...
High, Unreviewed. CVE-2020-9124 was published May 24, 2022

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough...
High, Unreviewed. CVE-2020-35359 was published May 24, 2022

NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in...
High, Unreviewed. CVE-2021-1057 was published May 24, 2022

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it...
High, Unreviewed. CVE-2020-14322 was published Aug 17, 2022

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation...
High, Unreviewed. CVE-2021-25173 was published May 24, 2022

An unauthenticated specially crafted packet sent by an attacker over the network will cause a...
High, Unreviewed. CVE-2020-24685 was published May 24, 2022

A stack overflow in pupnp 1.16.1 can cause the denial of service through the Parser_parseDocument...
High, Unreviewed. CVE-2021-28302 was published May 24, 2022

On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker...
High, Unreviewed. CVE-2021-21000 was published May 24, 2022

VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a...
High, Unreviewed. CVE-2021-33176 was published May 24, 2022

Unbounded connection acceptance leads to file handle exhaustion
High. CVE-2021-21293 was published for org.http4s:blaze-core_2.11 (Maven) Feb 2, 2021

Unbounded connection acceptance in http4s-blaze-server
High. CVE-2021-21294 was published for org.http4s:http4s-blaze-server_2.12 (Maven) Feb 2, 2021

There is a resource management error vulnerability in eCNS280_TD V100R005C10SPC650. An attacker...
High, Unreviewed. CVE-2021-22363 was published May 24, 2022

Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by...
High, Unreviewed. CVE-2021-28848 was published May 24, 2022

EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of...
High, Unreviewed. CVE-2021-33175 was published May 24, 2022

Etherpad < 1.8.3 is affected by a missing lock check which could cause a denial of service....
High, Unreviewed. CVE-2020-22785 was published May 24, 2022

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl....
High, Unreviewed. CVE-2021-27383 was published May 24, 2022

The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to...
High, Unreviewed. CVE-2022-25761 was published Aug 24, 2022

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP...
High, Unreviewed. CVE-2022-22278 was published Apr 28, 2022

A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to...
High, Unreviewed. CVE-2022-29701 was published Apr 28, 2022

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected...
High, Unreviewed. CVE-2021-33541 was published May 24, 2022

An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series...
High, Unreviewed. CVE-2021-0285 was published May 24, 2022