GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,227 advisories
Resource management errors vulnerability in a robot controller of MELFA FR Series(controller ...
High | Unreviewed | CVE-2021-20586 was published May 24, 2022
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can...
High | Unreviewed | CVE-2022-23772 was published Feb 12, 2022
There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10....
High | Unreviewed | CVE-2021-22292 was published May 24, 2022
On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x...
High | Unreviewed | CVE-2021-22976 was published May 24, 2022
kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10...
High | Unreviewed | CVE-2021-28994 was published May 24, 2022
There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a...
High | Unreviewed | CVE-2021-3487 was published May 24, 2022
Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation...
High | Unreviewed | CVE-2021-32920 was published May 24, 2022
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with...
High | Unreviewed | CVE-2018-12121 was published May 13, 2022
graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources
High | CVE-2022-37734 was published for com.graphql-java:graphql-java (Maven) Sep 13, 2022
The blockchain node in FISCO-BCOS V2.7.2 may have a bug when dealing with unformatted packet and...
High | Unreviewed | CVE-2021-35041 was published May 24, 2022
A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8...
High | Unreviewed | CVE-2022-3639 was published Oct 21, 2022
IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network attacker to send emails to non-existent local...
High | Unreviewed | CVE-2021-20501 was published May 24, 2022
Running security scans against the SAN switch can cause config and secnotify processes within the...
High | Unreviewed | CVE-2020-15383 was published May 24, 2022
MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via...
High | Unreviewed | CVE-2021-28847 was published May 24, 2022
Denial of service binding form from JSON in Play Framework
High | CVE-2022-31018 was published for com.typesafe.play:play_2.12 (Maven) Jun 3, 2022
Helm Controller denial of service
High | CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows...
High | Unreviewed | CVE-2021-38566 was published May 24, 2022
The server in Luca through 1.1.14 allows remote attackers to cause a denial of service (insertion...
High | Unreviewed | CVE-2021-33840 was published May 24, 2022
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a...
High | Unreviewed | CVE-2021-33823 was published May 24, 2022
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attacker could...
High | Unreviewed | CVE-2021-33820 was published May 24, 2022
chatwoot is vulnerable to Inefficient Regular Expression Complexity
High | Unreviewed | CVE-2021-3649 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers...
High | Unreviewed | CVE-2021-39123 was published May 24, 2022
A malformed Class 3 common industrial protocol message with a cached connection can cause a...
High | Unreviewed | CVE-2022-1797 was published Jun 3, 2022
Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will...
High | Unreviewed | CVE-2018-7580 was published May 24, 2022
A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco...
High | Unreviewed | CVE-2021-1623 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API