GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
416 advisories
An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers...
Moderate, Unreviewed. CVE-2020-19473 was published May 24, 2022

Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper...
Moderate, Unreviewed. CVE-2021-0290 was published May 24, 2022

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures...
Moderate, Unreviewed. CVE-2021-33795 was published May 24, 2022

A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG...
High, Unreviewed. CVE-2021-27042 was published May 24, 2022

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service ...
Moderate, Unreviewed. CVE-2014-1943 was published May 17, 2022

Improper handling of address deregistration on failure can lead to new GPU address allocation...
Moderate, Unreviewed. CVE-2021-1906 was published May 24, 2022

An improper exception control in softsimd prior to SMR APR-2021 Release 1 allows unprivileged...
High, Unreviewed. CVE-2021-25365 was published May 24, 2022

VIGRA Computer Vision Library Version-1-11-1 contains a segmentation fault vulnerability in the...
Moderate, Unreviewed. CVE-2021-30046 was published May 24, 2022

In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an...
High, Unreviewed. CVE-2021-0478 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information...
Moderate, Unreviewed. CVE-2019-4722 was published May 24, 2022

ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string...
Moderate, Unreviewed. CVE-2019-25043 was published May 24, 2022

Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote...
Moderate, Unreviewed. CVE-2021-20637 was published May 24, 2022

Mintty before 3.4.7 mishandles Bracketed Paste Mode.
High, Unreviewed. CVE-2021-31701 was published May 24, 2022

Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on...
High, Unreviewed. CVE-2021-0259 was published May 24, 2022

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent,...
High, Unreviewed. CVE-2021-0241 was published May 24, 2022

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl....
High, Unreviewed. CVE-2021-25662 was published May 24, 2022

A vulnerability in the processing of traffic matching a firewall filter containing a syslog...
Moderate, Unreviewed. CVE-2021-0264 was published May 24, 2022

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent,...
High, Unreviewed. CVE-2021-0240 was published May 24, 2022

RRC sends a connection establishment success to NAS even though connection setup validation...
High, Unreviewed. CVE-2020-11243 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated,...
Moderate, Unreviewed. CVE-2021-1356 was published May 24, 2022

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result...
High, Unreviewed. CVE-2021-28831 was published May 24, 2022

Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote...
Moderate, Unreviewed. CVE-2021-20642 was published May 24, 2022

Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty
High. CVE-2020-5403 was published for io.projectreactor.netty:reactor-netty-http (Maven) Feb 10, 2022

An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that...
High, Unreviewed. CVE-2020-5801 was published May 24, 2022

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to...
High, Unreviewed. CVE-2020-5807 was published May 24, 2022