GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
740 advisories
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before...
Moderate | Unreviewed | CVE-2019-15165 was published May 24, 2022

rdiffweb vulnerable to potential DoS via memory consumption
High | CVE-2022-3298 was published for rdiffweb (pip) Sep 27, 2022

A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd)...
Low | Unreviewed | CVE-2020-10717 was published May 24, 2022

GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in...
Moderate | Unreviewed | CVE-2020-6610 was published May 24, 2022

rdiffweb has no rate limit on resend email feature
Moderate | CVE-2022-4723 was published for rdiffweb (pip) Dec 27, 2022

pyftpdlib vulnerable to allocation of resources without limits
Moderate | CVE-2007-6740 was published for pyftpdlib (pip) May 1, 2022

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or...
High | Unreviewed | CVE-2022-34439 was published Oct 21, 2022

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit...
High | Unreviewed | CVE-2020-14405 was published May 24, 2022

CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
Moderate | Unreviewed | CVE-2020-15806 was published May 24, 2022

Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote...
High | Unreviewed | CVE-2020-27978 was published May 24, 2022

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
High | Unreviewed | CVE-2020-8037 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping...
Moderate | Unreviewed | CVE-2020-29570 was published May 24, 2022

An issue was discovered in Xen XAPI before 2020-12-15. Certain xenstore keys provide feedback...
High | Unreviewed | CVE-2020-29487 was published May 24, 2022

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An...
High | Unreviewed | CVE-2020-9124 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored...
Moderate | Unreviewed | CVE-2020-29486 was published May 24, 2022

An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of...
Moderate | Unreviewed | CVE-2020-29567 was published May 24, 2022

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough...
High | Unreviewed | CVE-2020-35359 was published May 24, 2022

An attacker-controlled memory allocation size can be passed to the C++ new operator in the...
Moderate | Unreviewed | CVE-2020-5806 was published May 24, 2022

NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in...
High | Unreviewed | CVE-2021-1057 was published May 24, 2022

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it...
High | Unreviewed | CVE-2020-14322 was published Aug 17, 2022

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation...
High | Unreviewed | CVE-2021-25173 was published May 24, 2022

A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker...
Moderate | Unreviewed | CVE-2021-1350 was published May 24, 2022

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system...
Moderate | Unreviewed | CVE-2020-25650 was published May 24, 2022

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client...
Moderate | Unreviewed | CVE-2020-25652 was published May 24, 2022

IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by...
Moderate | Unreviewed | CVE-2022-22488 was published Dec 12, 2022