GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,807
Erlang
36
GitHub Actions
31
Go
2,390
Maven
5,000+
npm
4,026
NuGet
720
pip
3,815
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
76 advisories
Filter by severity
Missing validation in shape inference for `Dequantize`
Moderate
CVE-2021-37677
was published
for
tensorflow
(pip)
Aug 25, 2021
Incomplete validation in `MaxPoolGrad`
Moderate
CVE-2021-37674
was published
for
tensorflow
(pip)
Aug 25, 2021
Transaction validity oversight in pallet-ethereum
Moderate
CVE-2021-39193
was published
for
pallet-ethereum
(Rust)
Sep 1, 2021
Logic error in dolibarr
Moderate
CVE-2022-0174
was published
for
dolibarr/dolibarr
(Composer)
Jan 12, 2022
An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol...
Moderate
Unreviewed
CVE-2022-22166
was published
Jan 20, 2022
Dolibarr vulnerable to Improper Validation of Specified Quantity in Input
Moderate
CVE-2022-0414
was published
for
dolibarr/dolibarr
(Composer)
Feb 1, 2022
Abort caused by allocating a vector that is too large in Tensorflow
Moderate
CVE-2022-23580
was published
for
tensorflow
(pip)
Feb 7, 2022
Microweber vulnerable to Improper Validation of Specified Quantity in Input
Moderate
CVE-2022-0596
was published
for
microweber/microweber
(Composer)
Feb 16, 2022
** DISPUTED ** Varnish 2.0.6 writes data to a log file without sanitizing non-printable...
Moderate
Unreviewed
CVE-2009-4488
was published
May 2, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2`
Moderate
CVE-2022-29196
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation causes denial of service via `LSTMBlockCell`
Moderate
CVE-2022-29200
was published
for
tensorflow
(pip)
May 24, 2022
Denial of service in `tf.ragged.constant` due to lack of validation
Moderate
CVE-2022-29202
was published
for
tensorflow
(pip)
May 24, 2022
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site...
Moderate
Unreviewed
CVE-2022-31629
was published
Sep 29, 2022
A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior...
Moderate
Unreviewed
CVE-2022-2592
was published
Oct 17, 2022
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and...
Moderate
Unreviewed
CVE-2022-26047
was published
Nov 11, 2022
ToolJet is vulnerable to Denial of Service (DoS)
Moderate
CVE-2022-4111
was published
for
tooljet
(npm)
Nov 22, 2022
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA...
Moderate
Unreviewed
CVE-2022-20687
was published
Dec 12, 2022
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA...
Moderate
Unreviewed
CVE-2022-20686
was published
Dec 12, 2022
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive...
Moderate
Unreviewed
CVE-2022-20691
was published
Dec 12, 2022
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog...
Moderate
Unreviewed
CVE-2022-20688
was published
Dec 12, 2022
In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource...
Moderate
Unreviewed
CVE-2021-0934
was published
Dec 13, 2022
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body...
Moderate
Unreviewed
CVE-2022-37312
was published
Dec 26, 2022
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request...
Moderate
Unreviewed
CVE-2022-37311
was published
Dec 26, 2022
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-22409
was published
Jan 13, 2023
ProTip!
Advisories are also available from the
GraphQL API