Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

456 advisories

Loading
Etcd Gateway can include itself as an endpoint resulting in resource exhaustion High
CVE-2020-15114 was published for go.etcd.io/etcd (Go) Jan 31, 2024
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2023-20095 was published Nov 1, 2023
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could... Moderate Unreviewed
CVE-2023-31274 was published Jan 18, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all... Low Unreviewed
CVE-2023-47216 was published Jan 2, 2024
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free Moderate
CVE-2023-45814 was published for Bunkum (NuGet) Oct 19, 2023
jvyden
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10... Moderate Unreviewed
CVE-2018-17437 was published May 13, 2022
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3... Moderate Unreviewed
CVE-2018-17234 was published May 13, 2022
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability.... Moderate Unreviewed
CVE-2022-31222 was published Sep 13, 2022
Uncontrolled Resource Consumption in Matrix Synapse Moderate
CVE-2022-41952 was published for matrix-synapse (pip) Apr 1, 2022
Use of uninitialized buffer in rkyv High
CVE-2021-31919 was published for rkyv (Rust) Aug 25, 2021
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect... High Unreviewed
CVE-2021-1620 was published May 24, 2022
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will... High Unreviewed
CVE-2019-3883 was published May 13, 2022
In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an... Moderate Unreviewed
CVE-2023-22996 was published Feb 28, 2023
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows... Moderate Unreviewed
CVE-2016-9102 was published May 13, 2022
Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator)... Moderate Unreviewed
CVE-2016-7995 was published May 13, 2022
Uncontrolled Resource Consumption in promhttp High
CVE-2022-21698 was published for github.com/prometheus/client_golang (Go) Feb 16, 2022
dgl
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-9106 was published May 13, 2022
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-8577 was published May 13, 2022
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local... Moderate Unreviewed
CVE-2016-9105 was published May 13, 2022
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8... Moderate Unreviewed
CVE-2017-2596 was published May 13, 2022
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory... Moderate Unreviewed
CVE-2016-9907 was published May 13, 2022
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not... Low Unreviewed
CVE-2022-26354 was published Mar 17, 2022
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage... Moderate Unreviewed
CVE-2016-9911 was published May 13, 2022
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with... High Unreviewed
CVE-2022-26353 was published Mar 17, 2022
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of... High Unreviewed
CVE-2020-22844 was published Mar 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database