Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

739 advisories

Loading
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac... High Unreviewed
CVE-2022-32050 was published Jul 2, 2022
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote... Moderate Unreviewed
CVE-2022-29892 was published Jul 5, 2022
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption... High Unreviewed
CVE-2022-29286 was published Jul 18, 2022
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive... High Unreviewed
CVE-2022-38155 was published Aug 12, 2022
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group... High Unreviewed
CVE-2022-32958 was published Jul 21, 2022
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding... High Unreviewed
CVE-2022-22212 was published Jul 21, 2022
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’... Moderate Unreviewed
CVE-2022-35221 was published Aug 3, 2022
Teamplus Pro community discussion function has an ‘allocation of resource without limits or... Moderate Unreviewed
CVE-2022-35220 was published Aug 3, 2022
rdiffweb's unlimited length Fullname field can lead to DoS Moderate
CVE-2022-3364 was published for rdiffweb (pip) Sep 30, 2022
rdiffweb's lack of token name length limit can result in DoS or memory corruption High
CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022
DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone... High Unreviewed
CVE-2021-36630 was published Jan 18, 2023
Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints High
CVE-2022-36124 was published for apache-avro (Rust) Aug 10, 2022
On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the... Moderate Unreviewed
CVE-2021-23053 was published May 24, 2022
Uncontrolled Resource Consumption in opcua High
CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or... High Unreviewed
CVE-2019-4338 was published May 24, 2022
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to... High Unreviewed
CVE-2022-42311 was published Nov 1, 2022
Duplicate of GHSA-m77f-652q-wwp4 High
GHSA-2gg5-7c4v-6xx2 was published for axum-core (Rust) Sep 15, 2022 withdrawn
Out-of-Memory Error in Bouncy Castle Crypto High
CVE-2019-17359 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2019
Missing rate limit on rdiffweb Moderate
CVE-2022-3456 was published for rdiffweb (pip) Oct 14, 2022
An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221... High Unreviewed
CVE-2018-7821 was published May 24, 2022
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding... High Unreviewed
CVE-2023-22403 was published Jan 13, 2023
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible... Moderate Unreviewed
CVE-2020-9059 was published Jan 11, 2022
In tzdata there is possible memory corruption due to a mismatch between allocation and... High Unreviewed
CVE-2019-9290 was published May 24, 2022
A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with... Moderate Unreviewed
CVE-2022-1325 was published Sep 1, 2022
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function ... Moderate Unreviewed
CVE-2020-35534 was published Sep 2, 2022
ProTip! Advisories are also available from the GraphQL API