Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,040 advisories

Loading
Regular Expression Denial-of-Service in npm schema-inspector High
CVE-2021-21267 was published for schema-inspector (npm) Mar 19, 2021
erik-krogh
Credited to erik-krogh
A denial of service vulnerability exists in the netserver recv_command functionality of reolink... High Unreviewed
CVE-2022-21801 was published Jan 29, 2022
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests High
CVE-2021-41167 was published for modern-async (npm) Oct 21, 2021
Denial of service in go-ethereum High
CVE-2021-42219 was published for github.com/ethereum/go-ethereum (Go) Mar 18, 2022
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in... Moderate Unreviewed
CVE-2022-22588 was published Mar 19, 2022
In cloud foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer... Moderate Unreviewed
CVE-2021-22100 was published Mar 26, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10.... Moderate Unreviewed
CVE-2022-0488 was published Mar 29, 2022
In getOffsetBeforeAfter of TextLine.java, there is a possible denial of service due to resource... Moderate Unreviewed
CVE-2021-0993 was published Dec 16, 2021
There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-37068 was published Dec 8, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14... Moderate Unreviewed
CVE-2021-39932 was published Dec 14, 2021
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service,... High Unreviewed
CVE-2021-38951 was published Dec 10, 2021
Unauthenticated users can access sensitive web URLs through GET request, which should be... Moderate Unreviewed
CVE-2021-32503 was published Apr 3, 2022
A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7... Moderate Unreviewed
CVE-2022-1185 was published Apr 5, 2022
totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R ,ver V4.1.5cu.470_B20200911 have an issue... Moderate Unreviewed
CVE-2021-43662 was published Apr 1, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was... Moderate Unreviewed
CVE-2022-0489 was published Apr 3, 2022
A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all... High Unreviewed
CVE-2022-1174 was published Apr 5, 2022
Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14... Moderate Unreviewed
CVE-2022-1099 was published Apr 5, 2022
In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c.... Moderate Unreviewed
CVE-2021-44590 was published Jan 7, 2022
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions <... High Unreviewed
CVE-2022-27194 was published Apr 13, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause... High Unreviewed
CVE-2022-21155 was published Apr 13, 2022
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in... Moderate Unreviewed
CVE-2022-22191 was published Apr 15, 2022
A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low... Moderate Unreviewed
CVE-2022-20692 was published Apr 16, 2022
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background... High Unreviewed
CVE-2021-38788 was published Jan 20, 2022
RESTEasy 4.5.5.Final in hash flooding High
CVE-2020-14326 was published for org.jboss.resteasy:resteasy-bom (Maven) Mar 18, 2022
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote... High Unreviewed
CVE-2021-20201 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database