Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

920 advisories

Loading
SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common... Moderate Unreviewed
CVE-2022-35107 was published Aug 17, 2022
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it... High Unreviewed
CVE-2020-14322 was published Aug 17, 2022
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive... High Unreviewed
CVE-2022-38155 was published Aug 12, 2022
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE... High Unreviewed
CVE-2022-36324 was published Aug 11, 2022
The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL... High Unreviewed
CVE-2022-37415 was published Aug 6, 2022
TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no... High Unreviewed
CVE-2022-35506 was published Aug 4, 2022
A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client... High Unreviewed
CVE-2022-35505 was published Aug 4, 2022
Teamplus Pro community discussion function has an ‘allocation of resource without limits or... Moderate Unreviewed
CVE-2022-35220 was published Aug 3, 2022
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’... Moderate Unreviewed
CVE-2022-35221 was published Aug 3, 2022
The NHI card’s web service component has a heap-based buffer overflow vulnerability due to... Moderate Unreviewed
CVE-2022-35218 was published Aug 3, 2022
The NHI card’s web service component has a stack-based buffer overflow vulnerability due to... Moderate Unreviewed
CVE-2022-35219 was published Aug 3, 2022
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process... High Unreviewed
CVE-2021-46828 was published Jul 21, 2022
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group... High Unreviewed
CVE-2022-32958 was published Jul 21, 2022
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding... High Unreviewed
CVE-2022-22212 was published Jul 21, 2022
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption... High Unreviewed
CVE-2022-29286 was published Jul 18, 2022
The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit... Moderate Unreviewed
CVE-2022-2406 was published Jul 15, 2022
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to... Moderate Unreviewed
CVE-2022-32205 was published Jul 8, 2022
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can... Moderate Unreviewed
CVE-2022-32206 was published Jul 8, 2022
An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service... High Unreviewed
CVE-2021-31645 was published Jul 8, 2022
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote... Moderate Unreviewed
CVE-2022-29892 was published Jul 5, 2022
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function... High Unreviewed
CVE-2022-32043 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password... High Unreviewed
CVE-2022-32044 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32046 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32047 was published Jul 2, 2022
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg. High Unreviewed
CVE-2022-32037 was published Jul 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database