Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

172 advisories

Loading
A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader,... High Unreviewed
CVE-2022-22150 was published Feb 11, 2022
A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of... High Unreviewed
CVE-2020-25691 was published Apr 3, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause... High Unreviewed
CVE-2022-21155 was published Apr 13, 2022
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK... High Unreviewed
CVE-2020-11875 was published May 24, 2022
A security feature bypass vulnerability exists in Microsoft Word software when it fails to... High Unreviewed
CVE-2020-16933 was published May 24, 2022
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to... High Unreviewed
CVE-2020-9213 was published May 24, 2022
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4... High Unreviewed
CVE-2020-7468 was published May 24, 2022
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr... High Unreviewed
CVE-2020-5802 was published May 24, 2022
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for... High Unreviewed
CVE-2021-34549 was published May 24, 2022
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to... High Unreviewed
CVE-2021-22328 was published May 24, 2022
A maliciously crafted PDF file may be used to dereference a pointer for read or write operation... High Unreviewed
CVE-2022-27872 was published Jun 22, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG... High Unreviewed
CVE-2022-25795 was published Apr 14, 2022
A CWE-248: Uncaught Exception vulnerability exists IN Modicon M580 all versions prior to V2.80,... High Unreviewed
CVE-2019-6830 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7849 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7852 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2019-6807 was published May 24, 2022
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving... High Unreviewed
CVE-2019-3565 was published May 24, 2022
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers... High Unreviewed
CVE-2019-3552 was published May 24, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Python Facebook Thrift servers would not error upon receiving messages with containers of fields... High Unreviewed
CVE-2019-3558 was published May 24, 2022
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager,... High Unreviewed
CVE-2022-36923 was published Aug 11, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2... High Unreviewed
CVE-2019-6809 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90)... High Unreviewed
CVE-2019-6828 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database