Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

403 advisories

Loading
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in... Moderate Unreviewed
CVE-2020-6610 was published May 24, 2022
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. Moderate Unreviewed
CVE-2020-15806 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping... Moderate Unreviewed
CVE-2020-29570 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored... Moderate Unreviewed
CVE-2020-29486 was published May 24, 2022
An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of... Moderate Unreviewed
CVE-2020-29567 was published May 24, 2022
An attacker-controlled memory allocation size can be passed to the C++ new operator in the... Moderate Unreviewed
CVE-2020-5806 was published May 24, 2022
A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker... Moderate Unreviewed
CVE-2021-1350 was published May 24, 2022
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system... Moderate Unreviewed
CVE-2020-25650 was published May 24, 2022
A flaw was found in the spice-vdagentd daemon, where it did not properly handle client... Moderate Unreviewed
CVE-2020-25652 was published May 24, 2022
IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by... Moderate Unreviewed
CVE-2022-22488 was published Dec 12, 2022
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are... Moderate Unreviewed
CVE-2020-29568 was published May 24, 2022
tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long... Moderate Unreviewed
CVE-2022-36155 was published Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via... Moderate Unreviewed
CVE-2022-35113 was published Aug 17, 2022
Denial of service in Mattermost Moderate
CVE-2022-4044 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022
Denial of service in Mattermost Moderate
CVE-2022-4045 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When... Moderate Unreviewed
CVE-2021-22210 was published May 24, 2022
There is a resource management error vulnerability in the verisions V500R001C60SPC500,... Moderate Unreviewed
CVE-2021-22360 was published May 24, 2022
A vulnerability has been identified in SCALANCE W780 and W740 (IEEE 802.11n) family (All versions... Moderate Unreviewed
CVE-2021-25666 was published May 24, 2022
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12... Moderate Unreviewed
CVE-2021-22207 was published May 24, 2022
tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan... Moderate Unreviewed
CVE-2022-36150 was published Aug 17, 2022
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user... Moderate Unreviewed
CVE-2022-4019 was published Nov 23, 2022
A vulnerability in the handling of internal resources necessary to bring up a large number of... Moderate Unreviewed
CVE-2021-0224 was published May 24, 2022
Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings Moderate
CVE-2021-32699 was published for github.com/pterodactyl/wings (Go) Jun 23, 2021
angular vulnerable to regular expression denial of service (ReDoS) Moderate
CVE-2022-25844 was published for angular (npm) May 3, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as... Moderate Unreviewed
CVE-2020-28200 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database