Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,315 advisories

Loading
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an... Moderate Unreviewed
CVE-2021-1592 was published May 24, 2022
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause... High Unreviewed
CVE-2018-10790 was published May 24, 2022
node-opcua DoS vulnerability via message with memory allocation that exceeds v8's memory limit High
CVE-2022-25231 was published for node-opcua (npm) Aug 24, 2022
A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook... Moderate Unreviewed
CVE-2021-22246 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21860 was published May 24, 2022
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality... High Unreviewed
CVE-2021-21861 was published May 24, 2022
The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an... Moderate Unreviewed
CVE-2021-32068 was published May 24, 2022
A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client... High Unreviewed
CVE-2022-35505 was published Aug 4, 2022
The NHI card’s web service component has a heap-based buffer overflow vulnerability due to... Moderate Unreviewed
CVE-2022-35218 was published Aug 3, 2022
TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no... High Unreviewed
CVE-2022-35506 was published Aug 4, 2022
In Contiki 3.0, a Telnet server that silently quits (before disconnection with clients) leads to... High Unreviewed
CVE-2021-38387 was published May 24, 2022
A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt... High Unreviewed
CVE-2021-36798 was published May 24, 2022
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock)... Moderate Unreviewed
CVE-2021-38203 was published May 24, 2022
The NHI card’s web service component has a stack-based buffer overflow vulnerability due to... Moderate Unreviewed
CVE-2022-35219 was published Aug 3, 2022
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix... High Unreviewed
CVE-2021-22919 was published May 24, 2022
In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive... High Unreviewed
CVE-2022-42531 was published Dec 21, 2022
An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series... High Unreviewed
CVE-2021-0285 was published May 24, 2022
IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load... Moderate Unreviewed
CVE-2022-34308 was published Oct 7, 2022
A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All... Moderate Unreviewed
CVE-2021-25671 was published May 24, 2022
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as... Moderate Unreviewed
CVE-2020-28200 was published May 24, 2022
Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected... High Unreviewed
CVE-2021-33541 was published May 24, 2022
A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to... High Unreviewed
CVE-2022-29701 was published Apr 28, 2022
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP... High Unreviewed
CVE-2022-22278 was published Apr 28, 2022
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to... High Unreviewed
CVE-2022-25761 was published Aug 24, 2022
Insufficient size checks in ws High
CVE-2020-35896 was published for ws (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database