Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,232
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

612 advisories

Loading
relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in... Moderate Unreviewed
CVE-2022-29973 was published May 3, 2022
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created... Moderate Unreviewed
CVE-2009-4017 was published May 2, 2022
Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory... Moderate Unreviewed
CVE-2009-2540 was published May 2, 2022
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the... Moderate Unreviewed
CVE-2008-2364 was published May 1, 2022
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to... Moderate Unreviewed
CVE-2005-4650 was published May 1, 2022
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote... Moderate Unreviewed
CVE-2005-2970 was published May 1, 2022
iptables before 1.2.4 does not accurately convert rate limits that are specified on the command... Moderate Unreviewed
CVE-2001-1388 was published Apr 30, 2022
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated... Moderate Unreviewed
CVE-2022-20717 was published Apr 16, 2022
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number... Moderate Unreviewed
CVE-2022-1333 was published Apr 14, 2022
Resource exhaustion in Mattermost Moderate
CVE-2022-1337 was published for github.com/mattermost/mattermost-server/v6 (Go) Apr 14, 2022
Unsafe parsing in SWHKD Moderate
CVE-2022-27819 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 8, 2022
J3rry-1729
Credited to J3rry-1729
A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14... Moderate Unreviewed
CVE-2022-1121 was published Apr 5, 2022
Allocation of Resources Without Limits or Throttling in Spring Framework Moderate
CVE-2022-22950 was published for org.springframework:spring-expression (Maven) Apr 3, 2022
J3rry-1729 briandealwis
Credited to J3rry-1729 and briandealwis
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified... Moderate Unreviewed
CVE-2022-22404 was published Apr 2, 2022
Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad Moderate
CVE-2022-26336 was published for org.apache.poi:poi-scratchpad (Maven) Mar 5, 2022
SunBK201
Credited to SunBK201
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes Moderate
CVE-2020-8551 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Kubernetes API Server DoS Via API Requests Moderate
CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022
skitt marquiz
toddtreece
Credited to skitt, marquiz, and toddtreece
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Allocation of Resources Without Limits or Throttling in iText Moderate
CVE-2022-24196 was published for com.itextpdf:itext7-core (Maven) Feb 2, 2022
Denial of service in bingrep Moderate
CVE-2021-39480 was published for bingrep (Rust) Jan 28, 2022
An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can... Moderate Unreviewed
CVE-2021-28096 was published Jan 28, 2022
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible... Moderate Unreviewed
CVE-2020-9059 was published Jan 11, 2022
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check... Moderate Unreviewed
CVE-2021-44591 was published Jan 7, 2022
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information... Moderate Unreviewed
CVE-2021-28715 was published Jan 7, 2022
The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the... Moderate Unreviewed
CVE-2021-31787 was published Dec 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database