Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,897
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,317 advisories

Loading
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body... Moderate Unreviewed
CVE-2022-37312 was published Dec 26, 2022
In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c.... Moderate Unreviewed
CVE-2021-44590 was published Jan 7, 2022
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions <... High Unreviewed
CVE-2022-27194 was published Apr 13, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause... High Unreviewed
CVE-2022-21155 was published Apr 13, 2022
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in... Moderate Unreviewed
CVE-2022-22191 was published Apr 15, 2022
A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low... Moderate Unreviewed
CVE-2022-20692 was published Apr 16, 2022
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background... High Unreviewed
CVE-2021-38788 was published Jan 20, 2022
RESTEasy 4.5.5.Final in hash flooding High
CVE-2020-14326 was published for org.jboss.resteasy:resteasy-bom (Maven) Mar 18, 2022
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote... High Unreviewed
CVE-2021-20201 was published May 24, 2022
StripComments filter contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service) High
CVE-2021-32839 was published for sqlparse (pip) Sep 10, 2021
erik-krogh
Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. The attacker... Moderate Unreviewed
CVE-2022-35913 was published Sep 7, 2022
Uncontrolled Resource Consumption in Apache ZooKeeper High
CVE-2017-5637 was published for org.apache.zookeeper:zookeeper (Maven) May 13, 2022
Resource Exhaustion in Spring Security High
CVE-2021-22119 was published for org.springframework.security:spring-security-core (Maven) Jul 2, 2021
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd... High Unreviewed
CVE-2022-28871 was published Apr 26, 2022
OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser High
CVE-2022-29546 was published for net.sourceforge.htmlunit:neko-htmlunit (Maven) Apr 26, 2022
kurt-r2c
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel... Low Unreviewed
CVE-2020-12655 was published May 24, 2022
Sydent DoS (via resource exhaustion) due to improper input validation Moderate
CVE-2021-29433 was published for matrix-sydent (pip) Apr 16, 2021
Uncontrolled Resource Consumption in Undertow Moderate
CVE-2018-1114 was published for io.undertow:undertow-core (Maven) May 13, 2022
Resource management errors vulnerability in a robot controller of MELFA FR Series(controller ... High Unreviewed
CVE-2021-20586 was published May 24, 2022
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not... Moderate Unreviewed
CVE-2021-1066 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with... Moderate Unreviewed
CVE-2020-4890 was published May 24, 2022
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can... High Unreviewed
CVE-2022-23772 was published Feb 12, 2022
On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x... High Unreviewed
CVE-2021-22976 was published May 24, 2022
There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10.... High Unreviewed
CVE-2021-22292 was published May 24, 2022
kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10... High Unreviewed
CVE-2021-28994 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API