GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
420 advisories
In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive...
High • Unreviewed • CVE-2022-42531 was published Dec 21, 2022

libp2p DoS vulnerability from lack of resource management
High • CVE-2022-23487 was published for libp2p (npm) Dec 7, 2022

libp2p DoS vulnerability from lack of resource management
High • CVE-2022-23486 was published for libp2p (Rust) Dec 7, 2022

Creation of new database tables through login form on PostgreSQL
High • CVE-2022-41932 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Nov 21, 2022

In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular...
High • Unreviewed • CVE-2022-45471 was published Nov 18, 2022

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a...
High • Unreviewed • CVE-2021-34568 was published Nov 9, 2022

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer...
High • Unreviewed • CVE-2022-43945 was published Nov 5, 2022

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to...
High • Unreviewed • CVE-2022-42311 was published Nov 1, 2022

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or...
High • Unreviewed • CVE-2022-34439 was published Oct 21, 2022

A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS...
High • Unreviewed • CVE-2022-22211 was published Oct 18, 2022

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted...
High • Unreviewed • CVE-2022-2879 was published Oct 14, 2022

rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
High • CVE-2022-3273 was published for rdiffweb (pip) Oct 6, 2022

rdiffweb's lack of token name length limit can result in DoS or memory corruption
High • CVE-2022-3371 was published for rdiffweb (pip) Oct 1, 2022

rdiffweb allows unlimited length of root directory name, which could result in DoS
High • CVE-2022-3295 was published for rdiffweb (pip) Sep 27, 2022

rdiffweb vulnerable to potential DoS via memory consumption
High • CVE-2022-3298 was published for rdiffweb (pip) Sep 27, 2022

Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
High • CVE-2022-34917 was published for org.apache.kafka:kafka (Maven) Sep 21, 2022

A Memory Allocation with Excessive Size Value vulnerability in the TEE_Realloc function in Samsung...
High • Unreviewed • CVE-2022-40762 was published Sep 17, 2022

Helm Controller denial of service
High • CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022

Eclipse Milo vulnerable to Resource Exhaustion (Denial of Service)
High • CVE-2022-25897 was published for org.eclipse.milo:sdk-server (Maven) Sep 15, 2022

axum-core has no default limit put on request bodies
High • CVE-2022-3212 was published for axum-core (Rust) Sep 15, 2022

Duplicate of GHSA-m77f-652q-wwp4
High • GHSA-2gg5-7c4v-6xx2 was published for axum-core (Rust) Sep 15, 2022 • withdrawn

D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting.
High • Unreviewed • CVE-2022-36620 was published Sep 1, 2022

XNIO `notifyReadClosed` method logging message to unexpected end
High • CVE-2022-0084 was published for org.jboss.xnio:xnio-all (Maven) Aug 27, 2022

Uncontrolled Resource Consumption in opcua
High • CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022

The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to...
High • Unreviewed • CVE-2022-25761 was published Aug 24, 2022