GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,094 advisories
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when a...
High | Unreviewed | CVE-2022-33203 was published Aug 5, 2022

In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when...
High | Unreviewed | CVE-2022-35236 was published Aug 5, 2022

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use,...
Moderate | Unreviewed | CVE-2022-35241 was published Aug 5, 2022

An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system.
High | Unreviewed | CVE-2021-22642 was published Jul 29, 2022

An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via...
High | Unreviewed | CVE-2020-21405 was published Jul 21, 2022

ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable...
High | Unreviewed | CVE-2022-35404 was published Jul 19, 2022

ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP...
Moderate | Unreviewed | CVE-2022-23142 was published Jul 19, 2022

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via...
High | Unreviewed | CVE-2022-27937 was published Jul 18, 2022

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.
High | Unreviewed | CVE-2022-32263 was published Jul 18, 2022

The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit...
Moderate | Unreviewed | CVE-2022-2406 was published Jul 15, 2022

Internet Information Services Dynamic Compression Module Denial of Service Vulnerability.
High | Unreviewed | CVE-2022-22040 was published Jul 13, 2022

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled resource consumption...
Moderate | Unreviewed | CVE-2022-30792 was published Jul 12, 2022

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled resource consumption allows...
Moderate | Unreviewed | CVE-2022-30791 was published Jul 12, 2022

** DISPUTED ** quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU...
High | Unreviewed | CVE-2022-30591 was published Jul 7, 2022

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an...
Moderate | Unreviewed | CVE-2022-20808 was published Jul 7, 2022

The simplepush server iterates through the application installations and pushes a notification to...
High | Unreviewed | CVE-2014-3648 was published Jul 2, 2022

The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a...
Moderate | Unreviewed | CVE-2021-40606 was published Jun 29, 2022

In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections...
Moderate | Unreviewed | CVE-2022-31803 was published Jun 25, 2022

An Uncontrolled Resource Consumption vulnerability in spacewalk-java of SUSE Manager Server 4.1,...
High | Unreviewed | CVE-2022-21952 was published Jun 23, 2022

The Rating by BestWebSoft WordPress plugin through 1.5 does not validate the submitted rating,...
Moderate | Unreviewed | CVE-2021-25121 was published Jun 21, 2022

Denial of Service in GitHub repository inventree/inventree prior to 0.8.0.
Moderate | Unreviewed | CVE-2022-2134 was published Jun 21, 2022

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due...
Moderate | Unreviewed | CVE-2022-20143 was published Jun 16, 2022

Windows Kernel Denial of Service Vulnerability.
Moderate | Unreviewed | CVE-2022-30155 was published Jun 16, 2022

Windows Network Address Translation (NAT) Denial of Service Vulnerability.
High | Unreviewed | CVE-2022-30152 was published Jun 16, 2022

Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU...
High | Unreviewed | CVE-2022-30780 was published Jun 12, 2022
ProTip! Advisories are also available from the GraphQL API.