GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
369 advisories
Filter by severity
A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14...
Moderate
Unreviewed
CVE-2022-1121
was published
Apr 5, 2022
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified...
Moderate
Unreviewed
CVE-2022-22404
was published
Apr 2, 2022
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number...
Moderate
Unreviewed
CVE-2022-1333
was published
Apr 14, 2022
Uncontrolled memory consumption
Moderate
CVE-2021-31811
was published
for
org.apache.pdfbox:pdfbox
(Maven)
Jun 15, 2021
TYPO3 CMS vulnerable to Denial of Service in Page Error Handling
Moderate
CVE-2022-36104
was published
for
typo3/cms
(Composer)
Sep 16, 2022
basic/unit-name.c in systemd 220 through 248 has a Memory Allocation with an Excessive Size Value...
Moderate
Unreviewed
CVE-2021-33910
was published
May 24, 2022
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to...
Moderate
Unreviewed
CVE-2021-28700
was published
May 24, 2022
An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows attackers to cause a...
Moderate
Unreviewed
CVE-2020-19464
was published
May 24, 2022
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of...
Moderate
Unreviewed
CVE-2019-9516
was published
May 24, 2022
An issue has been found in function vfprintf in PDF2JSON 0.70 that allows attackers to cause a...
Moderate
Unreviewed
CVE-2020-19463
was published
May 24, 2022
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program...
Moderate
Unreviewed
CVE-2022-29767
was published
Jun 4, 2022
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300...
Moderate
Unreviewed
CVE-2021-0242
was published
May 24, 2022
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core...
Moderate
Unreviewed
CVE-2022-31285
was published
Jun 11, 2022
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom...
Moderate
Unreviewed
CVE-2022-31287
was published
Jun 11, 2022
PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux...
Moderate
Unreviewed
CVE-2022-35009
was published
Aug 17, 2022
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a...
Moderate
Unreviewed
CVE-2021-40607
was published
Jun 29, 2022
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An...
Moderate
Unreviewed
CVE-2021-3478
was published
May 24, 2022
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker...
Moderate
Unreviewed
CVE-2021-3479
was published
May 24, 2022
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote...
Moderate
Unreviewed
CVE-2022-29892
was published
Jul 5, 2022
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’...
Moderate
Unreviewed
CVE-2022-35221
was published
Aug 3, 2022
Teamplus Pro community discussion function has an ‘allocation of resource without limits or...
Moderate
Unreviewed
CVE-2022-35220
was published
Aug 3, 2022
On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the...
Moderate
Unreviewed
CVE-2021-23053
was published
May 24, 2022
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible...
Moderate
Unreviewed
CVE-2020-9059
was published
Jan 11, 2022
A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with...
Moderate
Unreviewed
CVE-2022-1325
was published
Sep 1, 2022
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function ...
Moderate
Unreviewed
CVE-2020-35534
was published
Sep 2, 2022
ProTip!
Advisories are also available from the
GraphQL API