Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,312 advisories

Loading
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function... High Unreviewed
CVE-2022-32043 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url... High Unreviewed
CVE-2022-32049 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac... High Unreviewed
CVE-2022-32053 was published Jul 2, 2022
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function... High Unreviewed
CVE-2022-32041 was published Jul 2, 2022
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array... High Unreviewed
CVE-2021-40941 was published Jun 28, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32046 was published Jul 2, 2022
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An... Moderate Unreviewed
CVE-2021-3478 was published May 24, 2022
An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is... High Unreviewed
CVE-2022-34750 was published Jun 29, 2022
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a... Moderate Unreviewed
CVE-2021-40607 was published Jun 29, 2022
Denial of Service in Spring Cloud Function High
CVE-2022-22979 was published for org.springframework.cloud:spring-cloud-function-parent (Maven) Jun 22, 2022
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior... High Unreviewed
CVE-2022-27871 was published Jun 22, 2022
Improper memory allocation during counter check DLM handling can lead to denial of service in... High Unreviewed
CVE-2021-35096 was published Jun 15, 2022
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r... High Unreviewed
CVE-2022-29404 was published Jun 10, 2022
PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux... Moderate Unreviewed
CVE-2022-35009 was published Aug 17, 2022
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom... Moderate Unreviewed
CVE-2022-31287 was published Jun 11, 2022
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core... Moderate Unreviewed
CVE-2022-31285 was published Jun 11, 2022
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300... Moderate Unreviewed
CVE-2021-0242 was published May 24, 2022
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program... Moderate Unreviewed
CVE-2022-29767 was published Jun 4, 2022
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where... High Unreviewed
CVE-2022-30522 was published Jun 10, 2022
An issue has been found in function vfprintf in PDF2JSON 0.70 that allows attackers to cause a... Moderate Unreviewed
CVE-2020-19463 was published May 24, 2022
Helm Controller denial of service High
CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022
pjbgf
Credited to pjbgf
A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX... High Unreviewed
CVE-2021-0217 was published May 24, 2022
An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows attackers to cause a... Moderate Unreviewed
CVE-2020-19464 was published May 24, 2022
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to... Moderate Unreviewed
CVE-2021-28700 was published May 24, 2022
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35516 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database