GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
739 advisories
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac...
High • Unreviewed • CVE-2022-32050 was published Jul 2, 2022

Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote...
Moderate • Unreviewed • CVE-2022-29892 was published Jul 5, 2022

Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption...
High • Unreviewed • CVE-2022-29286 was published Jul 18, 2022

TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive...
High • Unreviewed • CVE-2022-38155 was published Aug 12, 2022

A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group...
High • Unreviewed • CVE-2022-32958 was published Jul 21, 2022

An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding...
High • Unreviewed • CVE-2022-22212 was published Jul 21, 2022

Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’...
Moderate • Unreviewed • CVE-2022-35221 was published Aug 3, 2022

Teamplus Pro community discussion function has an ‘allocation of resource without limits or...
Moderate • Unreviewed • CVE-2022-35220 was published Aug 3, 2022

rdiffweb's unlimited length Fullname field can lead to DoS
Moderate • CVE-2022-3364 was published for rdiffweb (pip) Sep 30, 2022

rdiffweb's lack of token name length limit can result in DoS or memory corruption
High • CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone...
High • Unreviewed • CVE-2021-36630 was published Jan 18, 2023

Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints
High • CVE-2022-36124 was published for apache-avro (Rust) Aug 10, 2022

On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the...
Moderate • Unreviewed • CVE-2021-23053 was published May 24, 2022

Uncontrolled Resource Consumption in opcua
High • CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022

IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or...
High • Unreviewed • CVE-2019-4338 was published May 24, 2022

Xenstore: guests can let run xenstored out of memory [This CNA information record relates to...
High • Unreviewed • CVE-2022-42311 was published Nov 1, 2022

Duplicate of GHSA-m77f-652q-wwp4
High • GHSA-2gg5-7c4v-6xx2 was published for axum-core (Rust) Sep 15, 2022 • withdrawn

Out-of-Memory Error in Bouncy Castle Crypto
High • CVE-2019-17359 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2019

An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221...
High • Unreviewed • CVE-2018-7821 was published May 24, 2022

An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding...
High • Unreviewed • CVE-2023-22403 was published Jan 13, 2023

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible...
Moderate • Unreviewed • CVE-2020-9059 was published Jan 11, 2022

In tzdata there is possible memory corruption due to a mismatch between allocation and...
High • Unreviewed • CVE-2019-9290 was published May 24, 2022

A flaw was found in CImg, where with the help of a maliciously crafted pandore or bmp file with...
Moderate • Unreviewed • CVE-2022-1325 was published Sep 1, 2022

In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function ...
Moderate • Unreviewed • CVE-2020-35534 was published Sep 2, 2022
ProTip! Advisories are also available from the GraphQL API