GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
3,040 advisories
rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox...
Moderate, Unreviewed. CVE-2021-3181 was published May 24, 2022.

IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network attacker to send emails to non-existent local...
High, Unreviewed. CVE-2021-20501 was published May 24, 2022.

Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a stack exhaustion vulnerability in the ...
Moderate, Unreviewed. CVE-2020-20213 was published May 24, 2022.

Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontrolled resource consumption...
Moderate, Unreviewed. CVE-2020-20217 was published May 24, 2022.

Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the...
Moderate, Unreviewed. CVE-2020-20248 was published May 24, 2022.

Running security scans against the SAN switch can cause config and secnotify processes within the...
High, Unreviewed. CVE-2020-15383 was published May 24, 2022.

MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via...
High, Unreviewed. CVE-2021-28847 was published May 24, 2022.

Denial of service binding form from JSON in Play Framework
High. CVE-2022-31018 was published for com.typesafe.play:play_2.12 (Maven) Jun 3, 2022.

Helm Controller denial of service
High. CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022.

A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in...
Moderate, Unreviewed. CVE-2021-20265 was published May 24, 2022.

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows...
High, Unreviewed. CVE-2021-38566 was published May 24, 2022.

The server in Luca through 1.1.14 allows remote attackers to cause a denial of service (insertion...
High, Unreviewed. CVE-2021-33840 was published May 24, 2022.

An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a...
High, Unreviewed. CVE-2021-33823 was published May 24, 2022.

An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attacker could...
High, Unreviewed. CVE-2021-33820 was published May 24, 2022.

Uncontrolled Resource Consumption in Mattermost server
Moderate. CVE-2022-1982 was published for github.com/mattermost/mattermost-server (Go) Jun 3, 2022.

chatwoot is vulnerable to Inefficient Regular Expression Complexity
High, Unreviewed. CVE-2021-3649 was published May 24, 2022.

DoS via malicious p2p message in Go Ethereum
Moderate. CVE-2022-29177 was published for github.com/ethereum/go-ethereum (Go) May 24, 2022.

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers...
High, Unreviewed. CVE-2021-39123 was published May 24, 2022.

A malformed Class 3 common industrial protocol message with a cached connection can cause a...
High, Unreviewed. CVE-2022-1797 was published Jun 3, 2022.

Philips Hue is vulnerable to a Denial of Service attack. Sending a SYN flood on port tcp/80 will...
High, Unreviewed. CVE-2018-7580 was published May 24, 2022.

The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing....
Moderate, Unreviewed. CVE-2021-21992 was published May 24, 2022.

A remote denial of service (DoS) vulnerability was discovered in Aruba ClearPass Policy Manager...
Moderate, Unreviewed. CVE-2021-29152 was published May 24, 2022.

A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco...
High, Unreviewed. CVE-2021-1623 was published May 24, 2022.

Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the...
Moderate, Unreviewed. CVE-2020-20230 was published May 24, 2022.

Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust...
Moderate, Unreviewed. CVE-2021-35492 was published May 24, 2022.

ProTip! Advisories are also available from the GraphQL API.