Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,934
Maven
5,000+
npm
3,668
NuGet
642
pip
3,287
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+

149 advisories

Loading
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated... High Unreviewed
CVE-2023-1150 was published Jun 26, 2023
OpenStack Neutron Denial of Service vulnerability High
CVE-2021-40797 was published for neutron (pip) May 24, 2022
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to... High Unreviewed
CVE-2023-36533 was published Aug 8, 2023
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,... High Unreviewed
CVE-2024-39562 was published Jul 11, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and... High Unreviewed
CVE-2018-0158 was published May 13, 2022
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in... High Unreviewed
CVE-2024-35821 was published May 17, 2024
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption)... High Unreviewed
CVE-2019-18214 was published May 24, 2022
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls... High Unreviewed
CVE-2018-21028 was published May 24, 2022
A failure to free memory can occur when processing messages having a specific combination of EDNS... High Unreviewed
CVE-2018-5744 was published May 24, 2022
Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists. High Unreviewed
CVE-2019-17183 was published May 24, 2022
A service worker can send the activate event on itself periodically which allows it to run... High Unreviewed
CVE-2018-5179 was published May 24, 2022
Missing Release of Resource after Effective Lifetime in Apache Tomcat High
CVE-2021-42340 was published for org.apache.tomcat:tomcat (Maven) Oct 15, 2021
sunSUNQ
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which... High Unreviewed
CVE-2010-4657 was published Apr 21, 2022
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2024-21789 was published Feb 14, 2024
The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and... High Unreviewed
CVE-2007-4103 was published May 1, 2022
Etcd Gateway can include itself as an endpoint resulting in resource exhaustion High
CVE-2020-15114 was published for go.etcd.io/etcd (Go) Jan 31, 2024
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2023-20095 was published Nov 1, 2023
golang.org/x/text/language Denial of service via crafted Accept-Language header High
CVE-2022-32149 was published for golang.org/x/text (Go) Oct 14, 2022
rbeuque74
Use of uninitialized buffer in rkyv High
CVE-2021-31919 was published for rkyv (Rust) Aug 25, 2021
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect... High Unreviewed
CVE-2021-1620 was published May 24, 2022
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will... High Unreviewed
CVE-2019-3883 was published May 13, 2022
Uncontrolled Resource Consumption in promhttp High
CVE-2022-21698 was published for github.com/prometheus/client_golang (Go) Feb 16, 2022
dgl
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with... High Unreviewed
CVE-2022-26353 was published Mar 17, 2022
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of... High Unreviewed
CVE-2020-22844 was published Mar 1, 2022
A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2022-22170 was published Jan 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database