Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
656
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,227 advisories

Loading
Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 High
GHSA-crh4-294p-vcfq was published for com.vaadin:vaadin-text-field-flow (Maven) Apr 19, 2021
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server High
CVE-2018-12545 was published for org.eclipse.jetty:jetty-server (Maven) Mar 28, 2019
Remote memory exhaustion in ckb High
GHSA-48vq-8jqv-gm6f was published for ckb (Rust) Aug 25, 2021
Memory exhaustion in asn1_der High
CVE-2019-15549 was published for asn1_der (Rust) Aug 25, 2021
Denial of Service (DoS) in Nokogiri on JRuby High
GHSA-gx8x-g87m-h5q6 was published for nokogiri (RubyGems) Apr 11, 2022
d3-color vulnerable to ReDoS High
GHSA-36jr-mh4h-2g58 was published for d3-color (npm) Sep 29, 2022
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. High Unreviewed
CVE-2021-33959 was published Jan 18, 2023
CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to... High Unreviewed
CVE-2022-22145 was published Mar 12, 2022
Regular Expression Denial-of-Service in npm schema-inspector High
CVE-2021-21267 was published for schema-inspector (npm) Mar 19, 2021
erik-krogh
A denial of service vulnerability exists in the netserver recv_command functionality of reolink... High Unreviewed
CVE-2022-21801 was published Jan 29, 2022
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests High
CVE-2021-41167 was published for modern-async (npm) Oct 21, 2021
Denial of service in go-ethereum High
CVE-2021-42219 was published for github.com/ethereum/go-ethereum (Go) Mar 18, 2022
There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37068 was published Dec 8, 2021
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service,... High Unreviewed
CVE-2021-38951 was published Dec 10, 2021
A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all... High Unreviewed
CVE-2022-1174 was published Apr 5, 2022
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions <... High Unreviewed
CVE-2022-27194 was published Apr 13, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause... High Unreviewed
CVE-2022-21155 was published Apr 13, 2022
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background... High Unreviewed
CVE-2021-38788 was published Jan 20, 2022
RESTEasy 4.5.5.Final in hash flooding High
CVE-2020-14326 was published for org.jboss.resteasy:resteasy-bom (Maven) Mar 18, 2022
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote... High Unreviewed
CVE-2021-20201 was published May 24, 2022
Uncontrolled Resource Consumption in Apache ZooKeeper High
CVE-2017-5637 was published for org.apache.zookeeper:zookeeper (Maven) May 13, 2022
Resource Exhaustion in Spring Security High
CVE-2021-22119 was published for org.springframework.security:spring-security-core (Maven) Jul 2, 2021
OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser High
CVE-2022-29546 was published for net.sourceforge.htmlunit:neko-htmlunit (Maven) Apr 26, 2022
kurt-r2c
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd... High Unreviewed
CVE-2022-28871 was published Apr 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database