GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
268 advisories
An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart...
Severity: High. Unreviewed. CVE-2018-4002 was published May 24, 2022.
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because...
Severity: Moderate. Unreviewed. CVE-2019-18853 was published May 24, 2022.
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba...
Severity: Moderate. Unreviewed. CVE-2020-10704 was published May 24, 2022.
Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and...
Severity: High. Unreviewed. CVE-2021-27434 was published May 24, 2022.
An exploitable denial-of-service vulnerability exists in the resource record-parsing...
Severity: Moderate. Unreviewed. CVE-2020-6071 was published May 24, 2022.
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against...
Severity: Moderate. Unreviewed. CVE-2020-10995 was published May 24, 2022.
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack"...
Severity: Moderate. Unreviewed. CVE-2020-12662 was published May 24, 2022.
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via...
Severity: Moderate. Unreviewed. CVE-2020-13800 was published May 24, 2022.
HAProxyMessageDecoder Stack Exhaustion DoS
Severity: Moderate. CVE-2022-41881 was published for io.netty:netty-codec-haproxy (Maven) Dec 12, 2022.
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger...
Severity: Moderate. Unreviewed. CVE-2020-16094 was published May 24, 2022.
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger...
Severity: Moderate. Unreviewed. CVE-2020-25219 was published May 24, 2022.
An issue was discovered in Xen through 4.14.x. When they require assistance from the device model...
Severity: Moderate. Unreviewed. CVE-2020-29566 was published May 24, 2022.
The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a...
Severity: High. Unreviewed. CVE-2020-1898 was published May 24, 2022.
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an...
Severity: High. Unreviewed. CVE-2022-28131 was published Aug 11, 2022.
An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion vulnerability in os_xml.c...
Severity: High. Unreviewed. CVE-2021-28040 was published May 24, 2022.
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(),...
Severity: Moderate. Unreviewed. CVE-2021-30470 was published May 24, 2022.
A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary...
Severity: Moderate. Unreviewed. CVE-2021-30471 was published May 24, 2022.
OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC UA .NET Legacy are...
Severity: High. Unreviewed. CVE-2021-27432 was published May 24, 2022.
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function...
Severity: High. Unreviewed. CVE-2021-28903 was published May 24, 2022.
An unlimited recursion in DxeCore in EDK II.
Severity: High. Unreviewed. CVE-2021-28210 was published May 24, 2022.
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote...
Severity: Moderate. Unreviewed. CVE-2020-12100 was published May 24, 2022.
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption...
Severity: High. Unreviewed. CVE-2021-38569 was published May 24, 2022.
A component of the HarmonyOS has an External Control of System or Configuration Setting...
Severity: Moderate. Unreviewed. CVE-2021-22454 was published May 24, 2022.
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform...
Severity: Moderate. Unreviewed. CVE-2021-43519 was published May 24, 2022.
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could...
Severity: High. Unreviewed. CVE-2019-12295 was published May 24, 2022.