GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
173 advisories
Filter by severity
A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader,...
High
Unreviewed
CVE-2022-22150
was published
Feb 11, 2022
A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of...
High
Unreviewed
CVE-2020-25691
was published
Apr 3, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause...
High
Unreviewed
CVE-2022-21155
was published
Apr 13, 2022
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK...
High
Unreviewed
CVE-2020-11875
was published
May 24, 2022
A security feature bypass vulnerability exists in Microsoft Word software when it fails to...
High
Unreviewed
CVE-2020-16933
was published
May 24, 2022
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to...
High
Unreviewed
CVE-2020-9213
was published
May 24, 2022
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4...
High
Unreviewed
CVE-2020-7468
was published
May 24, 2022
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr...
High
Unreviewed
CVE-2020-5802
was published
May 24, 2022
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for...
High
Unreviewed
CVE-2021-34549
was published
May 24, 2022
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to...
High
Unreviewed
CVE-2021-22328
was published
May 24, 2022
A maliciously crafted PDF file may be used to dereference a pointer for read or write operation...
High
Unreviewed
CVE-2022-27872
was published
Jun 22, 2022
A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled...
High
Unreviewed
CVE-2022-33887
was published
Oct 4, 2022
A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer...
High
Unreviewed
CVE-2022-33886
was published
Oct 4, 2022
A maliciously crafted DWG file can be used to write beyond the allocated buffer while parsing DWG...
High
Unreviewed
CVE-2022-25795
was published
Apr 14, 2022
A CWE-248: Uncaught Exception vulnerability exists IN Modicon M580 all versions prior to V2.80,...
High
Unreviewed
CVE-2019-6830
was published
May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon...
High
Unreviewed
CVE-2018-7849
was published
May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon...
High
Unreviewed
CVE-2018-7852
was published
May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon...
High
Unreviewed
CVE-2019-6807
was published
May 24, 2022
Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving...
High
Unreviewed
CVE-2019-3565
was published
May 24, 2022
C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers...
High
Unreviewed
CVE-2019-3552
was published
May 24, 2022
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could...
High
Unreviewed
CVE-2022-20920
was published
Oct 11, 2022
Python Facebook Thrift servers would not error upon receiving messages with containers of fields...
High
Unreviewed
CVE-2019-3558
was published
May 24, 2022
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager,...
High
Unreviewed
CVE-2022-36923
was published
Aug 11, 2022
A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2...
High
Unreviewed
CVE-2019-6809
was published
May 24, 2022
A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90)...
High
Unreviewed
CVE-2019-6828
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API