Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+

326 advisories

Loading
An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has... Moderate Unreviewed
CVE-2018-20659 was published May 13, 2022
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers... Moderate Unreviewed
CVE-2018-4868 was published May 13, 2022
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection... Moderate Unreviewed
CVE-2018-5296 was published May 13, 2022
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve... Moderate Unreviewed
CVE-2018-5783 was published May 13, 2022
Apache Tika vulnerable to uncontrolled memory consumption Moderate
CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by ... Moderate Unreviewed
CVE-2022-30775 was published May 17, 2022
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
MarkLee131
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers... Moderate Unreviewed
CVE-2008-5180 was published May 17, 2022
priority vulnerable to denial of service Moderate
CVE-2016-6580 was published for priority (pip) May 17, 2022
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of... Moderate Unreviewed
CVE-2019-3882 was published May 24, 2022
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an... Moderate Unreviewed
CVE-2019-13112 was published May 24, 2022
** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of... Moderate Unreviewed
CVE-2019-13960 was published May 24, 2022
Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By... Moderate Unreviewed
CVE-2019-13954 was published May 24, 2022
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8... Moderate Unreviewed
CVE-2019-10163 was published May 24, 2022
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of... Moderate Unreviewed
CVE-2019-9516 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway... Moderate Unreviewed
CVE-2019-12714 was published May 24, 2022
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before... Moderate Unreviewed
CVE-2019-15165 was published May 24, 2022
An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the... Moderate Unreviewed
CVE-2019-12611 was published May 24, 2022
GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of... Moderate Unreviewed
CVE-2019-15593 was published May 24, 2022
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote... Moderate Unreviewed
CVE-2019-14834 was published May 24, 2022
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in... Moderate Unreviewed
CVE-2020-6610 was published May 24, 2022
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. Moderate Unreviewed
CVE-2020-15806 was published May 24, 2022
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system... Moderate Unreviewed
CVE-2020-25650 was published May 24, 2022
A flaw was found in the spice-vdagentd daemon, where it did not properly handle client... Moderate Unreviewed
CVE-2020-25652 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored... Moderate Unreviewed
CVE-2020-29486 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database