GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
151 advisories
Filter by severity
Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion
High
CVE-2024-49769
was published
for
waitress
(pip)
Oct 29, 2024
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,...
High
Unreviewed
CVE-2024-39562
was published
Jul 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
ubifs: Set page uptodate in...
High
Unreviewed
CVE-2024-35821
was published
May 17, 2024
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed...
High
Unreviewed
CVE-2024-21789
was published
Feb 14, 2024
Etcd Gateway can include itself as an endpoint resulting in resource exhaustion
High
CVE-2020-15114
was published
for
go.etcd.io/etcd
(Go)
Jan 31, 2024
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2023-20095
was published
Nov 1, 2023
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to...
High
Unreviewed
CVE-2023-36533
was published
Aug 8, 2023
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated...
High
Unreviewed
CVE-2023-1150
was published
Jun 26, 2023
A vulnerability classified as problematic was found in vicamo NetworkManager. Affected by this...
High
Unreviewed
CVE-2014-125042
was published
Jan 5, 2023
golang.org/x/text/language Denial of service via crafted Accept-Language header
High
CVE-2022-32149
was published
for
golang.org/x/text
(Go)
Oct 14, 2022
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security...
High
Unreviewed
CVE-2022-40280
was published
Sep 9, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <...
High
Unreviewed
CVE-2022-29884
was published
Jul 13, 2022
An issue was discovered in swftools through 20201222 through a memory leak in the swftools when...
High
Unreviewed
CVE-2021-42197
was published
Jun 3, 2022
A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service.
High
Unreviewed
CVE-2021-42859
was published
May 27, 2022
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the...
High
Unreviewed
CVE-2021-42860
was published
May 27, 2022
rudp v0.6 was discovered to contain a memory leak in the component main.c.
High
Unreviewed
CVE-2020-20665
was published
May 24, 2022
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect...
High
Unreviewed
CVE-2021-1620
was published
May 24, 2022
OpenStack Neutron Denial of Service vulnerability
High
CVE-2021-40797
was published
for
neutron
(pip)
May 24, 2022
Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of...
High
Unreviewed
CVE-2021-34581
was published
May 24, 2022
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ...
High
Unreviewed
CVE-2021-1523
was published
May 24, 2022
Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.
High
Unreviewed
CVE-2021-39282
was published
May 24, 2022
In Phoenix Contact FL COMSERVER UNI in versions < 2.40 a invalid Modbus exception response can...
High
Unreviewed
CVE-2021-21002
was published
May 24, 2022
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack...
High
Unreviewed
CVE-2021-22883
was published
May 24, 2022
Any git operation is passed through Jetty and a session is created. No expiry is set for the...
High
Unreviewed
CVE-2021-22553
was published
May 24, 2022
smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to...
High
Unreviewed
CVE-2020-35679
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API