GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
625 advisories
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg...
Moderate
Unreviewed
CVE-2021-3759
was published
Aug 24, 2022
SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[]...
Moderate
Unreviewed
CVE-2022-36146
was published
Aug 17, 2022
tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long...
Moderate
Unreviewed
CVE-2022-36155
was published
Aug 17, 2022
tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan...
Moderate
Unreviewed
CVE-2022-36150
was published
Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset()...
Moderate
Unreviewed
CVE-2022-35104
was published
Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at ...
Moderate
Unreviewed
CVE-2022-35109
was published
Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.
Moderate
Unreviewed
CVE-2022-35105
was published
Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer:...
Moderate
Unreviewed
CVE-2022-35111
was published
Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common...
Moderate
Unreviewed
CVE-2022-35107
was published
Aug 17, 2022
PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux...
Moderate
Unreviewed
CVE-2022-35009
was published
Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via...
Moderate
Unreviewed
CVE-2022-35113
was published
Aug 17, 2022
OpenZeppelin Contracts ERC165Checker unbounded gas consumption
Moderate
CVE-2022-35915
was published
for
@openzeppelin/contracts
(npm)
Aug 14, 2022
Teamplus Pro community discussion function has an ‘allocation of resource without limits or...
Moderate
Unreviewed
CVE-2022-35220
was published
Aug 3, 2022
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’...
Moderate
Unreviewed
CVE-2022-35221
was published
Aug 3, 2022
The NHI card’s web service component has a heap-based buffer overflow vulnerability due to...
Moderate
Unreviewed
CVE-2022-35218
was published
Aug 3, 2022
The NHI card’s web service component has a stack-based buffer overflow vulnerability due to...
Moderate
Unreviewed
CVE-2022-35219
was published
Aug 3, 2022
The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit...
Moderate
Unreviewed
CVE-2022-2406
was published
Jul 15, 2022
DoS in KubeEdge's Websocket Client in package Viaduct
Moderate
CVE-2022-31080
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge Cloud Stream and Edge Stream DoS from large stream message
Moderate
CVE-2022-31079
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge CloudCore Router memory exhaustion vulnerability
Moderate
CVE-2022-31078
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge DoS when signing the CSR from EdgeCore
Moderate
CVE-2022-31075
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to...
Moderate
Unreviewed
CVE-2022-32205
was published
Jul 8, 2022
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a server response can...
Moderate
Unreviewed
CVE-2022-32206
was published
Jul 8, 2022
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote...
Moderate
Unreviewed
CVE-2022-29892
was published
Jul 5, 2022
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a...
Moderate
Unreviewed
CVE-2021-40607
was published
Jun 29, 2022
ProTip! Advisories are also available from the GraphQL API.