GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,366 advisories
An issue found in edjing Mix v.7.09.01 for Android allows a local attacker to cause a denial of...
Moderate | Unreviewed | CVE-2023-29735 was published May 30, 2023

A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several...
Moderate | Unreviewed | CVE-2023-28320 was published May 26, 2023

mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty.
Moderate | Unreviewed | CVE-2023-33720 was published May 26, 2023

A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a...
Moderate | Unreviewed | CVE-2023-1981 was published May 26, 2023

In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0, a bug in the gorouter...
Moderate | Unreviewed | CVE-2023-20882 was published May 26, 2023

Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote...
Moderate | Unreviewed | CVE-2023-26595 was published May 23, 2023

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted...
Moderate | Unreviewed | CVE-2022-36326 was published May 18, 2023

ReactPHP's HTTP server continues parsing unused multipart parts after reaching input field and file upload limits
Moderate | CVE-2023-26044 was published for react/http (Composer) May 17, 2023

In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a...
Moderate | Unreviewed | CVE-2023-20930 was published May 16, 2023

github.com/ipfs/kubo affected by DOS Bitswap unbounded persistent memory leak
Moderate | GHSA-qvqg-6rp8-4p9h was published for github.com/ipfs/kubo (Go) May 11, 2023

Uncontrolled resource consumption in the Intel(R) Unite(R) android application before Release 17...
Moderate | Unreviewed | CVE-2023-25179 was published May 10, 2023

Uncontrolled resource consumption in the Intel(R) Smart Campus Android application before version...
Moderate | Unreviewed | CVE-2022-46645 was published May 10, 2023

Uncontrolled resource consumption in the Intel(R) Connect M Android application before version 1...
Moderate | Unreviewed | CVE-2022-41801 was published May 10, 2023

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which...
Moderate | Unreviewed | CVE-2022-4008 was published May 10, 2023

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when...
Moderate | Unreviewed | CVE-2023-22874 was published May 5, 2023

Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2023-30408 was published Apr 25, 2023

Jerryscript commit 1a2c047 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2023-30406 was published Apr 25, 2023

Ribose RNP before 0.16.3 may hang when the input is malformed.
Moderate | Unreviewed | CVE-2023-29479 was published Apr 24, 2023

An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges...
Moderate | Unreviewed | CVE-2023-27652 was published Apr 20, 2023

An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote...
Moderate | Unreviewed | CVE-2022-24109 was published Apr 20, 2023

In parseUsesPermission of ParsingPackageUtils.java, there is a possible boot loop due to resource...
Moderate | Unreviewed | CVE-2023-21090 was published Apr 19, 2023

OutOfMemoryError for large multipart without filename in Eclipse Jetty
Moderate | CVE-2023-26048 was published for org.eclipse.jetty:jetty-server (Maven) Apr 19, 2023

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications...
Moderate | Unreviewed | CVE-2023-21925 was published Apr 18, 2023

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service...
Moderate | Unreviewed | CVE-2023-1994 was published Apr 13, 2023

SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, 750, 751,...
Moderate | Unreviewed | CVE-2023-29185 was published Apr 11, 2023

ProTip! Advisories are also available from the GraphQL API