GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,316 advisories
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset()...
Moderate | Unreviewed | CVE-2022-35104 was published Aug 17, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at ...
Moderate | Unreviewed | CVE-2022-35109 was published Aug 17, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.
Moderate | Unreviewed | CVE-2022-35105 was published Aug 17, 2022

tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long...
Moderate | Unreviewed | CVE-2022-36155 was published Aug 17, 2022

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan...
Moderate | Unreviewed | CVE-2022-36150 was published Aug 17, 2022

SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[]...
Moderate | Unreviewed | CVE-2022-36146 was published Aug 17, 2022

A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg...
Moderate | Unreviewed | CVE-2021-3759 was published Aug 24, 2022

Uncontrolled Resource Consumption in opcua
High | CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022

Uncontrolled Resource Consumption in asyncua and opcua
High | CVE-2022-25304 was published for asyncua (pip) Aug 24, 2022

node-opcua DoS vulnerability via message with memory allocation that exceeds v8's memory limit
High | CVE-2022-25231 was published for node-opcua (npm) Aug 24, 2022

The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to...
High | Unreviewed | CVE-2022-25761 was published Aug 24, 2022

All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when...
High | Unreviewed | CVE-2022-24298 was published Aug 24, 2022

All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a...
High | Unreviewed | CVE-2022-24381 was published Aug 24, 2022

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with...
Moderate | Unreviewed | CVE-2021-3669 was published Aug 27, 2022

XNIO `notifyReadClosed` method logging message to unexpected end
High | CVE-2022-0084 was published for org.jboss.xnio:xnio-all (Maven) Aug 27, 2022

A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can...
Moderate | Unreviewed | CVE-2022-0480 was published Aug 29, 2022

Helm Vulnerable to denial of service through string value parsing
Moderate | CVE-2022-36055 was published for helm.sh/helm/v3 (Go) Aug 30, 2022

D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting.
High | Unreviewed | CVE-2022-36620 was published Sep 1, 2022

An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however,...
Moderate | Unreviewed | CVE-2022-38153 was published Sep 1, 2022

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with...
Moderate | Unreviewed | CVE-2022-1325 was published Sep 1, 2022

In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function ...
Moderate | Unreviewed | CVE-2020-35534 was published Sep 2, 2022

Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of...
Moderate | Unreviewed | CVE-2022-3147 was published Sep 10, 2022

Duplicate of GHSA-m77f-652q-wwp4
High | GHSA-2gg5-7c4v-6xx2 was published for axum-core (Rust) Sep 15, 2022 | withdrawn

axum-core has no default limit put on request bodies
High | CVE-2022-3212 was published for axum-core (Rust) Sep 15, 2022

Eclipse Milo vulnerable to Resource Exhaustion (Denial of Service)
High | CVE-2022-25897 was published for org.eclipse.milo:sdk-server (Maven) Sep 15, 2022