GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,311 advisories
Uncontrolled Resource Consumption in opcua
Severity: High. CVE-2022-25888 was published for opcua (Rust) on Aug 24, 2022.

Uncontrolled Resource Consumption in asyncua and opcua
Severity: High. CVE-2022-25304 was published for asyncua (pip) on Aug 24, 2022.

The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to...
Severity: High (Unreviewed). CVE-2022-25761 was published on Aug 24, 2022.

node-opcua DoS vulnerability via message with memory allocation that exceeds v8's memory limit
Severity: High. CVE-2022-25231 was published for node-opcua (npm) on Aug 24, 2022.

A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg...
Severity: Moderate (Unreviewed). CVE-2021-3759 was published on Aug 24, 2022.

SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[]...
Severity: Moderate (Unreviewed). CVE-2022-36146 was published on Aug 17, 2022.

tifig v0.2.2 was discovered to contain a resource allocation issue via operator new(unsigned long...
Severity: Moderate (Unreviewed). CVE-2022-36155 was published on Aug 17, 2022.

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan...
Severity: Moderate (Unreviewed). CVE-2022-36150 was published on Aug 17, 2022.

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset()...
Severity: Moderate (Unreviewed). CVE-2022-35104 was published on Aug 17, 2022.

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at ...
Severity: Moderate (Unreviewed). CVE-2022-35109 was published on Aug 17, 2022.

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea.
Severity: Moderate (Unreviewed). CVE-2022-35105 was published on Aug 17, 2022.

SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer:...
Severity: Moderate (Unreviewed). CVE-2022-35111 was published on Aug 17, 2022.

SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common...
Severity: Moderate (Unreviewed). CVE-2022-35107 was published on Aug 17, 2022.

PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux...
Severity: Moderate (Unreviewed). CVE-2022-35009 was published on Aug 17, 2022.

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via...
Severity: Moderate (Unreviewed). CVE-2022-35113 was published on Aug 17, 2022.

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it...
Severity: High (Unreviewed). CVE-2020-14322 was published on Aug 17, 2022.

OpenZeppelin Contracts ERC165Checker unbounded gas consumption
Severity: Moderate. CVE-2022-35915 was published for @openzeppelin/contracts (npm) on Aug 14, 2022.

TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive...
Severity: High (Unreviewed). CVE-2022-38155 was published on Aug 12, 2022.

A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE...
Severity: High (Unreviewed). CVE-2022-36324 was published on Aug 11, 2022.

Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints
Severity: High. CVE-2022-36124 was published for apache-avro (Rust) on Aug 10, 2022.

Rust-WebSocket memory allocation based on untrusted length
Severity: High. CVE-2022-35922 was published for websocket (Rust) on Aug 6, 2022.

The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL...
Severity: High (Unreviewed). CVE-2022-37415 was published on Aug 6, 2022.

TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no...
Severity: High (Unreviewed). CVE-2022-35506 was published on Aug 4, 2022.

A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client...
Severity: High (Unreviewed). CVE-2022-35505 was published on Aug 4, 2022.

Teamplus Pro community discussion function has an ‘allocation of resource without limits or...
Severity: Moderate (Unreviewed). CVE-2022-35220 was published on Aug 3, 2022.

ProTip! Advisories are also available from the GraphQL API.