GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

1,366 advisories

A potential DoS vulnerability was discovered in Gitlab CE/EE versions starting from 10.7 before...
Moderate | Unreviewed | CVE-2022-2908 was published Oct 17, 2022

A business logic issue in the handling of large repositories in all versions of GitLab CE/EE from...
Moderate | Unreviewed | CVE-2022-2455 was published Oct 17, 2022

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-39126 was published Oct 15, 2022

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-39125 was published Oct 15, 2022

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-39128 was published Oct 15, 2022

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-39127 was published Oct 15, 2022

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-39123 was published Oct 15, 2022

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2022-39124 was published Oct 15, 2022

In cell service, there is a missing permission check. This could lead to local denial of service...
Moderate | Unreviewed | CVE-2022-38677 was published Oct 15, 2022

In music service, there is a missing permission check. This could lead to local denial of service...
Moderate | Unreviewed | CVE-2022-38679 was published Oct 15, 2022

In messaging service, there is a missing permission check. This could lead to local denial of...
Moderate | Unreviewed | CVE-2022-38687 was published Oct 15, 2022

Windows Event Logging Service Denial of Service Vulnerability.
Moderate | Unreviewed | CVE-2022-37981 was published Oct 12, 2022

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of...
Moderate | Unreviewed | CVE-2022-20425 was published Oct 12, 2022

P2M pool freeing may take excessively long. The P2M pool backing second level address translation...
Moderate | Unreviewed | CVE-2022-33746 was published Oct 11, 2022

XAPI open file limit DoS. It is possible for an unauthenticated client on the network to cause...
Moderate | Unreviewed | CVE-2022-33749 was published Oct 11, 2022

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse...
Moderate | Unreviewed | CVE-2022-3433 was published Oct 11, 2022

NocoDB vulnerable to Denial of Service
Moderate | CVE-2022-3423 was published for nocodb (npm) Oct 7, 2022

Tendermint Core vulnerable to Uncontrolled Resource Consumption
Moderate | CVE-2021-21271 was published for github.com/tendermint/tendermint (Go) Oct 7, 2022

kamadak-exif vulnerable to Infinite loop when parsing PNG files
Moderate | CVE-2021-21235 was published for kamadak-exif (Rust) Oct 6, 2022

An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in...
Moderate | Unreviewed | CVE-2022-41844 was published Oct 1, 2022

An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo...
Moderate | Unreviewed | CVE-2022-41842 was published Oct 1, 2022

Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Moderate | GHSA-4qw4-jpp4-8gvp was published for commonmarker (RubyGems) Sep 21, 2022

JOSE vulnerable to resource exhaustion via specifically crafted JWE
Moderate | CVE-2022-36083 was published for jose (npm) Sep 16, 2022

Cargo extracting malicious crates can fill the file system
Moderate | CVE-2022-36114 was published for cargo (Rust) Sep 16, 2022

The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) through 2022-06-27...
Moderate | Unreviewed | CVE-2022-40306 was published Sep 16, 2022

ProTip! Advisories are also available from the GraphQL API.