Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

186 advisories

A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader,... High Unreviewed
CVE-2022-22150 was published Feb 11, 2022
Improper exception handling in Aedes High
CVE-2020-13410 was published for aedes (npm) May 6, 2021
A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of... High Unreviewed
CVE-2020-25691 was published Apr 3, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause... High Unreviewed
CVE-2022-21155 was published Apr 13, 2022
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK... High Unreviewed
CVE-2020-11875 was published May 24, 2022
A security feature bypass vulnerability exists in Microsoft Word software when it fails to... High Unreviewed
CVE-2020-16933 was published May 24, 2022
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to... High Unreviewed
CVE-2020-9213 was published May 24, 2022
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4... High Unreviewed
CVE-2020-7468 was published May 24, 2022
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr... High Unreviewed
CVE-2020-5802 was published May 24, 2022
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for... High Unreviewed
CVE-2021-34549 was published May 24, 2022
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to... High Unreviewed
CVE-2021-22328 was published May 24, 2022
A maliciously crafted PDF file may be used to dereference a pointer for read or write operation... High Unreviewed
CVE-2022-27872 was published Jun 22, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled... High Unreviewed
CVE-2022-33887 was published Oct 4, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer... High Unreviewed
CVE-2022-33886 was published Oct 4, 2022
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG... High Unreviewed
CVE-2022-25795 was published Apr 14, 2022
A CWE-248: Uncaught Exception vulnerability exists IN Modicon M580 all versions prior to V2.80,... High Unreviewed
CVE-2019-6830 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7849 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2018-7852 was published May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon... High Unreviewed
CVE-2019-6807 was published May 24, 2022
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers... High Unreviewed
CVE-2019-3552 was published May 24, 2022
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving... High Unreviewed
CVE-2019-3565 was published May 24, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could... High Unreviewed
CVE-2022-20920 was published Oct 11, 2022
Python Facebook Thrift servers would not error upon receiving messages with containers of fields... High Unreviewed
CVE-2019-3558 was published May 24, 2022
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager,... High Unreviewed
CVE-2022-36923 was published Aug 11, 2022
ProTip! Advisories are also available from the GraphQL API