GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
368 advisories
The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an...
Moderate | Unreviewed | CVE-2021-32068 was published May 24, 2022
A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6. GitLab Webhook...
Moderate | Unreviewed | CVE-2021-22246 was published May 24, 2022
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0...
Moderate | Unreviewed | CVE-2020-18899 was published May 24, 2022
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an...
Moderate | Unreviewed | CVE-2021-1592 was published May 24, 2022
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to...
Moderate | Unreviewed | CVE-2021-28700 was published May 24, 2022
All versions of the affected TOYOPUC-PC10 Series, TOYOPUC-Plus Series, TOYOPUC-PC3J/PC2J Series,...
Moderate | Unreviewed | CVE-2021-33011 was published May 24, 2022
On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the...
Moderate | Unreviewed | CVE-2021-23053 was published May 24, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 under very...
Moderate | Unreviewed | CVE-2021-29763 was published May 24, 2022
MediaWiki allows a denial of service
Moderate | CVE-2021-41800 was published for mediawiki/core (Composer) May 24, 2022
On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or...
Moderate | Unreviewed | CVE-2021-31369 was published May 24, 2022
The webinstaller is a Golang web server executable that enables the generation of an Auvesy image...
Moderate | Unreviewed | CVE-2021-38465 was published May 24, 2022
A component of the HarmonyOS has an Allocation of Resources Without Limits or Throttling...
Moderate | Unreviewed | CVE-2021-22461 was published May 24, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a...
Moderate | Unreviewed | CVE-2021-1121 was published May 24, 2022
A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The...
Moderate | Unreviewed | CVE-2021-39907 was published May 24, 2022
A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 13.7. Using a...
Moderate | Unreviewed | CVE-2021-39912 was published May 24, 2022
A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3...
Moderate | Unreviewed | CVE-2021-39914 was published May 24, 2022
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program...
Moderate | Unreviewed | CVE-2022-29767 was published Jun 4, 2022
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom...
Moderate | Unreviewed | CVE-2022-31287 was published Jun 11, 2022
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core...
Moderate | Unreviewed | CVE-2022-31285 was published Jun 11, 2022
Denial of Service in GitHub repository inventree/inventree prior to 0.8.0.
Moderate | Unreviewed | CVE-2022-2134 was published Jun 21, 2022
DoS through large manifest files in Argo CD
Moderate | CVE-2022-31016 was published for github.com/argoproj/argo-cd (Go) Jun 21, 2022
The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a...
Moderate | Unreviewed | CVE-2021-40609 was published Jun 29, 2022
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a...
Moderate | Unreviewed | CVE-2021-40607 was published Jun 29, 2022
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote...
Moderate | Unreviewed | CVE-2022-29892 was published Jul 5, 2022
A malicious server can serve excessive amounts of `Set-Cookie:` headers in an HTTP response to...
Moderate | Unreviewed | CVE-2022-32205 was published Jul 8, 2022
ProTip! Advisories are also available from the GraphQL API.