Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

140 advisories

Loading
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated... High Unreviewed
CVE-2023-1150 was published Jun 26, 2023
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to... High Unreviewed
CVE-2023-36533 was published Aug 8, 2023
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,... High Unreviewed
CVE-2024-39562 was published Jul 11, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and... High Unreviewed
CVE-2018-0158 was published May 13, 2022
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in... High Unreviewed
CVE-2024-35821 was published May 17, 2024
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption)... High Unreviewed
CVE-2019-18214 was published May 24, 2022
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls... High Unreviewed
CVE-2018-21028 was published May 24, 2022
A failure to free memory can occur when processing messages having a specific combination of EDNS... High Unreviewed
CVE-2018-5744 was published May 24, 2022
Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists. High Unreviewed
CVE-2019-17183 was published May 24, 2022
A service worker can send the activate event on itself periodically which allows it to run... High Unreviewed
CVE-2018-5179 was published May 24, 2022
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which... High Unreviewed
CVE-2010-4657 was published Apr 21, 2022
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2024-21789 was published Feb 14, 2024
The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and... High Unreviewed
CVE-2007-4103 was published May 1, 2022
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2023-20095 was published Nov 1, 2023
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect... High Unreviewed
CVE-2021-1620 was published May 24, 2022
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will... High Unreviewed
CVE-2019-3883 was published May 13, 2022
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with... High Unreviewed
CVE-2022-26353 was published Mar 17, 2022
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of... High Unreviewed
CVE-2020-22844 was published Mar 1, 2022
A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding... High Unreviewed
CVE-2022-22170 was published Jan 20, 2022
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x... High Unreviewed
CVE-2009-2903 was published May 2, 2022
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c... High Unreviewed
CVE-2017-10810 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak. High Unreviewed
CVE-2018-9266 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak. High Unreviewed
CVE-2018-9272 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak. High Unreviewed
CVE-2018-9274 was published May 13, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory... High Unreviewed
CVE-2018-9271 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database