Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,934
Maven
5,000+
npm
3,668
NuGet
642
pip
3,287
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+

203 advisories

Loading
Calico Typha denial of service vulnerability High
CVE-2023-41378 was published for github.com/projectcalico/calico (Go) Nov 6, 2023
Directus crashes on invalid WebSocket message High
CVE-2023-45820 was published for directus (npm) Oct 19, 2023
nles
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources High
CVE-2021-28165 was published for org.eclipse.jetty:jetty-server (Maven) Apr 6, 2021
Improper Input Validation and Excessive Iteration in Go Facebook Thrift High
CVE-2019-3564 was published for github.com/facebook/fbthrift (Go) Feb 15, 2022
oliverchang
Possible buffer overflow due to lack of range check while processing a DIAG command for COEX... High Unreviewed
CVE-2021-30289 was published Jan 4, 2022
XMLTooling Library Incorrectly Handles Some Exceptions High
CVE-2019-9628 was published for org.opensaml:xmltooling (Maven) May 13, 2022 withdrawn
njuneau-coveo twn
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are... High Unreviewed
CVE-2022-20919 was published Oct 1, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed
CVE-2022-20726 was published Apr 16, 2022
Traefik HTTP/2 connections management could cause a denial of service High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel... High Unreviewed
CVE-2022-35268 was published Oct 25, 2022
Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions... High Unreviewed
CVE-2021-22285 was published Feb 10, 2022
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker... High Unreviewed
CVE-2021-25380 was published May 24, 2022
Uncaught Exception in engine.io High
CVE-2022-21676 was published for engine.io (npm) Jan 13, 2022
marwej
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022... High Unreviewed
CVE-2022-22265 was published Jan 11, 2022
A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2022-20678 was published Apr 16, 2022
In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due... High Unreviewed
CVE-2023-20993 was published Mar 24, 2023
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco... High Unreviewed
CVE-2019-1858 was published May 24, 2022
Denial of Service in axios High
CVE-2019-10742 was published for axios (npm) May 29, 2019
tdunlap607
A potential memory vulnerability due to insufficient input validation in PDFXEditCore.x64.dll in... High Unreviewed
CVE-2023-24308 was published Mar 28, 2023
Ory fosite contains Improper Handling of Exceptional Conditions High
CVE-2020-15223 was published for github.com/ory/fosite (Go) May 24, 2021
jclebreton
go-merkledag's ProtoNode may be modified such that common method calls may panic High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
mrd0ll4r
An improper handling of exceptional conditions vulnerability exists within the Connect Before... High Unreviewed
CVE-2022-0016 was published Feb 11, 2022
On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and... High Unreviewed
CVE-2022-23018 was published Jan 26, 2022
A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos... High Unreviewed
CVE-2022-22177 was published Jan 20, 2022
Improper Handling of Exceptional Conditions in Apache Tomcat High
CVE-2021-30639 was published for org.apache.tomcat:tomcat (Maven) Aug 13, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database