GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
330 advisories
In tzdata there is possible memory corruption due to a mismatch between allocation and...
High | Unreviewed | CVE-2019-9290 was published May 24, 2022

In Bluetooth, there is a possible remote code execution due to an improper memory allocation....
High | Unreviewed | CVE-2019-9291 was published May 24, 2022

Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk...
High | Unreviewed | CVE-2019-16889 was published May 24, 2022

IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or...
High | Unreviewed | CVE-2019-4338 was published May 24, 2022

A peer could send empty handshake fragments containing only padding which would be kept in memory...
High | Unreviewed | CVE-2019-11924 was published May 24, 2022

In Envoy through 1.11.1, users may configure a route to match incoming path headers via the...
High | Unreviewed | CVE-2019-15225 was published May 24, 2022

An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may...
High | Unreviewed | CVE-2019-9012 was published May 24, 2022

Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially...
High | Unreviewed | CVE-2019-9517 was published May 24, 2022

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a...
High | Unreviewed | CVE-2019-9518 was published May 24, 2022

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial...
High | Unreviewed | CVE-2019-9515 was published May 24, 2022

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization...
High | Unreviewed | CVE-2019-9511 was published May 24, 2022

It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17,...
High | Unreviewed | CVE-2019-10171 was published May 24, 2022

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in...
High | Unreviewed | CVE-2019-11478 was published May 24, 2022

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This...
High | Unreviewed | CVE-2019-11479 was published May 24, 2022

An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221...
High | Unreviewed | CVE-2018-7821 was published May 24, 2022

A vulnerability in the TCP ingress handler for the data interfaces that are configured with...
High | Unreviewed | CVE-2018-15462 was published May 24, 2022

Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper...
High | Unreviewed | CVE-2019-3721 was published May 24, 2022

VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to...
High | Unreviewed | CVE-2017-15124 was published May 14, 2022

WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long...
High | Unreviewed | CVE-2018-7582 was published May 13, 2022

Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption)...
High | Unreviewed | CVE-2018-20421 was published May 13, 2022

A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS...
High | Unreviewed | CVE-2018-15373 was published May 13, 2022

A stack exhaustion vulnerability in the search function of dtSearch 7.90.8538.1 and prior allows...
High | Unreviewed | CVE-2018-11488 was published May 13, 2022

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through...
High | Unreviewed | CVE-2017-8779 was published May 13, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can...
High | Unreviewed | CVE-2017-8253 was published May 13, 2022

** DISPUTED ** The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1...
High | Unreviewed | CVE-2017-7963 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.