Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

132 advisories

Loading
XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream:... Moderate Unreviewed
CVE-2022-38230 was published Aug 17, 2022
fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at ... Moderate Unreviewed
CVE-2022-36148 was published Aug 17, 2022
jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg... Moderate Unreviewed
CVE-2022-35434 was published Aug 17, 2022
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
Credited to madcatone
An issue was discovered in libjpeg through 2020021. An uncaught floating point exception in the... Moderate Unreviewed
CVE-2021-39514 was published May 24, 2022
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used. High Unreviewed
CVE-2021-37550 was published May 24, 2022
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks... Moderate Unreviewed
CVE-2021-0295 was published May 24, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as... Moderate Unreviewed
CVE-2020-28200 was published May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2021-34865 was published Jan 26, 2022
A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c... Moderate Unreviewed
CVE-2021-20219 was published May 24, 2022
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for... Critical Unreviewed
CVE-2020-23361 was published May 24, 2022
WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because... Critical Unreviewed
CVE-2020-23359 was published May 24, 2022
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where... Critical Unreviewed
CVE-2020-23360 was published May 24, 2022
A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC... High Unreviewed
CVE-2020-13559 was published May 24, 2022
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores... Moderate Unreviewed
CVE-2019-20634 was published May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2020-8864 was published May 24, 2022
A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic.... Critical Unreviewed
CVE-2014-125057 was published Jan 7, 2023
Regular expression denial of service in eth-account Moderate
CVE-2022-1930 was published for eth-account (pip) Aug 23, 2022
JetBrains Ktor before 2.1.0 was vulnerable to a Reflect File Download attack Moderate
CVE-2022-38179 was published for io.ktor:ktor (Maven) Aug 13, 2022
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream... Moderate Unreviewed
CVE-2022-35091 was published Sep 25, 2022
Incorrect Comparison in NumPy Moderate
CVE-2021-34141 was published for numpy (pip) Dec 18, 2021
An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent... Moderate Unreviewed
CVE-2022-22203 was published Jul 21, 2022
Timing attack on HMAC signature comparison in Apache Tapestry Critical
CVE-2019-10071 was published for org.apache.tapestry:tapestry-core (Maven) Sep 26, 2019
Regular expression denial of service in react-native High
CVE-2020-1920 was published for react-native (npm) Jul 20, 2021
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a... Critical Unreviewed
CVE-2021-27786 was published Jun 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database