Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

438 advisories

Loading
axum-core has no default limit put on request bodies High
CVE-2022-3212 was published for axum-core (Rust) Sep 15, 2022
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests High
CVE-2021-41167 was published for modern-async (npm) Oct 21, 2021
Allocation of Resources Without Limits or Throttling in nvflare High
CVE-2022-21822 was published for nvflare (pip) Mar 18, 2022
Nintorac
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with... High Unreviewed
CVE-2022-20622 was published Apr 16, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... High Unreviewed
CVE-2021-44502 was published Apr 16, 2022
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35517 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35516 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX... High Unreviewed
CVE-2021-0217 was published May 24, 2022
Helm Controller denial of service High
CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022
pjbgf
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where... High Unreviewed
CVE-2022-30522 was published Jun 10, 2022
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r... High Unreviewed
CVE-2022-29404 was published Jun 10, 2022
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior... High Unreviewed
CVE-2022-27871 was published Jun 22, 2022
Improper memory allocation during counter check DLM handling can lead to denial of service in... High Unreviewed
CVE-2021-35096 was published Jun 15, 2022
Denial of Service in Spring Cloud Function High
CVE-2022-22979 was published for org.springframework.cloud:spring-cloud-function-parent (Maven) Jun 22, 2022
An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is... High Unreviewed
CVE-2022-34750 was published Jun 29, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32046 was published Jul 2, 2022
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array... High Unreviewed
CVE-2021-40941 was published Jun 28, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url... High Unreviewed
CVE-2022-32049 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32052 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password... High Unreviewed
CVE-2022-32044 was published Jul 2, 2022
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function... High Unreviewed
CVE-2022-32043 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac... High Unreviewed
CVE-2022-32053 was published Jul 2, 2022
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function... High Unreviewed
CVE-2022-32041 was published Jul 2, 2022
An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service... High Unreviewed
CVE-2021-31645 was published Jul 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database