Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,366 advisories

Loading
In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use,... Moderate Unreviewed
CVE-2022-35241 was published Aug 5, 2022
node-fetch Inefficient Regular Expression Complexity Moderate
CVE-2022-2596 was published for node-fetch (npm) Aug 2, 2022
vovikhangcdv
Credited to vovikhangcdv
ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP... Moderate Unreviewed
CVE-2022-23142 was published Jul 19, 2022
The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit... Moderate Unreviewed
CVE-2022-2406 was published Jul 15, 2022
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption... Moderate Unreviewed
CVE-2022-30792 was published Jul 12, 2022
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows... Moderate Unreviewed
CVE-2022-30791 was published Jul 12, 2022
DoS in KubeEdge's Websocket Client in package Viaduct Moderate
CVE-2022-31080 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
Credited to DavidKorczynski and AdamKorcz
KubeEdge Cloud Stream and Edge Stream DoS from large stream message Moderate
CVE-2022-31079 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
AdamKorcz DavidKorczynski
Credited to AdamKorcz and DavidKorczynski
KubeEdge CloudCore Router memory exhaustion vulnerability Moderate
CVE-2022-31078 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
Credited to DavidKorczynski and AdamKorcz
KubeEdge DoS when signing the CSR from EdgeCore Moderate
CVE-2022-31075 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
Credited to DavidKorczynski and AdamKorcz
KubeEdge Cloud AdmissionController component DoS Moderate
CVE-2022-31074 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
Credited to DavidKorczynski and AdamKorcz
KubeEdge Edge ServiceBus module DoS Moderate
CVE-2022-31073 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
Credited to DavidKorczynski and AdamKorcz
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an... Moderate Unreviewed
CVE-2022-20808 was published Jul 7, 2022
DOS and excessive memory usage when passing untrusted user input to to dag import Moderate
GHSA-f2gr-7299-487h was published for github.com/ipfs/go-ipfs (Go) Jul 6, 2022
Jorropo avivdolev
Credited to Jorropo and avivdolev
Malformed CAR panics and excessive memory usage Moderate
GHSA-9x4h-8wgm-8xfg was published for github.com/ipld/go-car (Go) Jul 6, 2022
Jorropo rvagg
willscott masih BigLep
Credited to Jorropo, rvagg, willscott, masih, and BigLep
The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a... Moderate Unreviewed
CVE-2021-40606 was published Jun 29, 2022
Uncontrolled Resource Consumption in Spray JSON Moderate
CVE-2018-18855 was published for io.spray:spray-json_2.10 (Maven) Jun 28, 2022
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections... Moderate Unreviewed
CVE-2022-31803 was published Jun 25, 2022
Denial of Service (DoS) vulnerability in RSSHub Moderate
CVE-2022-31110 was published for rsshub (npm) Jun 23, 2022
Rongronggg9
Credited to Rongronggg9
DoS through large manifest files in Argo CD Moderate
CVE-2022-31016 was published for github.com/argoproj/argo-cd (Go) Jun 21, 2022
AdamKorcz
Credited to AdamKorcz
The Rating by BestWebSoft WordPress plugin through 1.5 does not validate the submitted rating,... Moderate Unreviewed
CVE-2021-25121 was published Jun 21, 2022
Denial of Service in GitHub repository inventree/inventree prior to 0.8.0. Moderate Unreviewed
CVE-2022-2134 was published Jun 21, 2022
In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due... Moderate Unreviewed
CVE-2022-20143 was published Jun 16, 2022
Windows Kernel Denial of Service Vulnerability. Moderate Unreviewed
CVE-2022-30155 was published Jun 16, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 14... Moderate Unreviewed
CVE-2022-1821 was published Jun 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database