Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

416 advisories

Loading
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA... Moderate Unreviewed
CVE-2019-6847 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA... Moderate Unreviewed
CVE-2019-6841 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2... High Unreviewed
CVE-2019-6829 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Modicon BMENOC 0311, and... High Unreviewed
CVE-2019-6848 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA... Moderate Unreviewed
CVE-2019-6844 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90)... High Unreviewed
CVE-2019-6828 was published May 24, 2022
Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper... Moderate Unreviewed
CVE-2022-34368 was published Aug 31, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2... High Unreviewed
CVE-2019-6809 was published May 24, 2022
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager,... High Unreviewed
CVE-2022-36923 was published Aug 11, 2022
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in... Low Unreviewed
CVE-2022-39912 was published Dec 8, 2022
Python Facebook Thrift servers would not error upon receiving messages with containers of fields... High Unreviewed
CVE-2019-3558 was published May 24, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS... Moderate Unreviewed
CVE-2019-10917 was published May 24, 2022
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving... High Unreviewed
CVE-2019-3565 was published May 24, 2022
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers... High Unreviewed
CVE-2019-3552 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2019-6807 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7852 was published May 24, 2022
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data... Moderate Unreviewed
CVE-2022-0264 was published Feb 11, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7849 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists IN Modicon M580 all versions prior to V2.80,... High Unreviewed
CVE-2019-6830 was published May 24, 2022
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG... High Unreviewed
CVE-2022-25795 was published Apr 14, 2022
Directus vulnerable to unhandled exception on illegal filename_disk value Moderate
CVE-2022-36031 was published for directus (npm) Aug 30, 2022
wgorecki
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database