Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,041 advisories

Loading
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology... Moderate Unreviewed
CVE-2017-12077 was published May 17, 2022
Scrapy denial of service vulnerability High
CVE-2017-14158 was published for scrapy (pip) May 17, 2022
jhutchings1 G-Rath
ayatweb Matthew-Grayson
Credited to jhutchings1, G-Rath, ayatweb, and Matthew-Grayson
The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a... Moderate Unreviewed
CVE-2014-3672 was published May 17, 2022
Designate mDNS DoS through incorrect handling of large RecordSets High
CVE-2015-5695 was published for designate (pip) May 17, 2022
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service... High Unreviewed
CVE-2013-7428 was published May 17, 2022
Django ReDoS in validators.URLValidator High
CVE-2015-5145 was published for Django (pip) May 17, 2022
An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made... High Unreviewed
CVE-2017-14616 was published May 17, 2022
openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi... Moderate Unreviewed
CVE-2015-3248 was published May 17, 2022
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system... High Unreviewed
CVE-2017-15193 was published May 17, 2022
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a... Moderate Unreviewed
CVE-2017-1000373 was published May 17, 2022
Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service. High Unreviewed
CVE-2015-7384 was published May 17, 2022
The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which... High Unreviewed
CVE-2017-10922 was published May 17, 2022
An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial... Moderate Unreviewed
CVE-2017-15596 was published May 17, 2022
Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial... Moderate Unreviewed
CVE-2014-7813 was published May 17, 2022
Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak... High Unreviewed
CVE-2014-9697 was published May 17, 2022
SaltStack Salt Denial of Service via a crafted authentication request High
CVE-2017-14696 was published for salt (pip) May 17, 2022
The London Trust Media Private Internet Access (PIA) application before 1.3.3.1 for Android... High Unreviewed
CVE-2017-15882 was published May 17, 2022
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM,... Moderate Unreviewed
CVE-2017-6161 was published May 17, 2022
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue... High Unreviewed
CVE-2017-13825 was published May 17, 2022
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue... High Unreviewed
CVE-2017-7132 was published May 17, 2022
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS. High Unreviewed
CVE-2017-1000191 was published May 17, 2022
P9 Plus smartphones with software versions earlier before VIE-AL10BC00B386 have a denial of... High Unreviewed
CVE-2017-2734 was published May 17, 2022
Apache Tika vulnerable to uncontrolled memory consumption Moderate
CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022
The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge... High Unreviewed
CVE-2017-4920 was published May 14, 2022
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS)... Moderate Unreviewed
CVE-2017-15529 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database