GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
516 advisories

Multipart form parsing can consume large amounts of CPU and memory when processing form inputs...
High | Unreviewed | CVE-2023-24536 was published Apr 6, 2023

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
Moderate | Unreviewed | CVE-2023-0382 was published Apr 5, 2023

A flaw was found in the QEMU implementation of VMware's paravirtual RDMA device. This flaw allows...
Moderate | Unreviewed | CVE-2023-1544 was published Mar 23, 2023

A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless...
Moderate | Unreviewed | CVE-2023-20067 was published Mar 23, 2023

x86/HVM pinned cache attributes mis-handling [This CNA information record relates to multiple...
Moderate | Unreviewed | CVE-2022-42334 was published Mar 21, 2023

x86/HVM pinned cache attributes mis-handling [This CNA information record relates to multiple...
High | Unreviewed | CVE-2022-42333 was published Mar 21, 2023

A denial of service is possible from excessive resource consumption in net/http and mime...
High | Unreviewed | CVE-2022-41725 was published Feb 28, 2023

Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method...
High | Unreviewed | CVE-2022-31394 was published Feb 21, 2023

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification...
High | Unreviewed | CVE-2023-26249 was published Feb 21, 2023

An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End...
Moderate | Unreviewed | CVE-2023-24785 was published Feb 17, 2023

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution...
Critical | Unreviewed | CVE-2023-0568 was published Feb 16, 2023

Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non...
High | Unreviewed | CVE-2022-40513 was published Feb 12, 2023

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via...
High | Unreviewed | CVE-2023-25193 was published Feb 4, 2023

In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x...
High | Unreviewed | CVE-2023-22323 was published Feb 1, 2023

Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4...
High | Unreviewed | CVE-2023-23846 was published Feb 1, 2023

In multiple functions of AutomaticZenRule.java, there is a possible failure to persist...
High | Unreviewed | CVE-2022-20490 was published Jan 26, 2023

In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions...
High | Unreviewed | CVE-2022-20456 was published Jan 26, 2023

In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions...
High | Unreviewed | CVE-2022-20489 was published Jan 26, 2023

In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource...
Moderate | Unreviewed | CVE-2022-20494 was published Jan 26, 2023

In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions...
High | Unreviewed | CVE-2022-20492 was published Jan 26, 2023

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and...
Moderate | Unreviewed | CVE-2023-20047 was published Jan 20, 2023

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone...
High | Unreviewed | CVE-2021-36630 was published Jan 18, 2023

An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding...
High | Unreviewed | CVE-2023-22403 was published Jan 13, 2023

In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive...
High | Unreviewed | CVE-2022-42531 was published Dec 21, 2022

A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All...
Moderate | Unreviewed | CVE-2022-41288 was published Dec 13, 2022

ProTip! Advisories are also available from the GraphQL API