GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
438 advisories
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE...
High | Unreviewed | CVE-2022-36324 was published Aug 11, 2022

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD...
High | Unreviewed | CVE-2022-20751 was published May 4, 2022

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD)...
High | Unreviewed | CVE-2022-20767 was published May 4, 2022

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD)...
High | Unreviewed | CVE-2022-20757 was published May 4, 2022

Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack...
High | Unreviewed | CVE-2022-28556 was published May 5, 2022

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM...
High | Unreviewed | CVE-2021-41546 was published May 24, 2022

An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6,...
High | Unreviewed | CVE-2022-1510 was published May 12, 2022

The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL...
High | Unreviewed | CVE-2022-37415 was published Aug 6, 2022

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a...
High | Unreviewed | CVE-2019-9518 was published May 24, 2022

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial...
High | Unreviewed | CVE-2019-9515 was published May 24, 2022

Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially...
High | Unreviewed | CVE-2019-9517 was published May 24, 2022

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization...
High | Unreviewed | CVE-2019-9511 was published May 24, 2022

Allocation of Resources Without Limits or Throttling in Apache Tika
High | CVE-2019-10088 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019

Allocation of Resources Without Limits or Throttling in Apache Tika
High | CVE-2019-10094 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS...
High | Unreviewed | CVE-2019-1737 was published May 13, 2022

The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack...
High | Unreviewed | CVE-2016-4074 was published May 13, 2022

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers,...
High | Unreviewed | CVE-2019-10953 was published May 13, 2022

Denial of Service in Netty
High | CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020

Denial of Service in Cryptacular
High | CVE-2020-7226 was published for org.cryptacular:cryptacular (Maven) Jun 10, 2020

In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular...
High | Unreviewed | CVE-2022-45471 was published Nov 18, 2022

Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js...
High | Unreviewed | CVE-2019-5739 was published May 13, 2022

ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
High | Unreviewed | CVE-2017-12643 was published May 13, 2022

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated,...
High | Unreviewed | CVE-2019-1599 was published May 13, 2022

A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND)...
High | Unreviewed | CVE-2019-1644 was published May 13, 2022

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption...
High | Unreviewed | CVE-2019-0031 was published May 13, 2022