GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
140 advisories
Filter by severity
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL...
High
Unreviewed
CVE-2019-3821
was published
May 13, 2022
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated...
High
Unreviewed
CVE-2023-1150
was published
Jun 26, 2023
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to...
High
Unreviewed
CVE-2023-36533
was published
Aug 8, 2023
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,...
High
Unreviewed
CVE-2024-39562
was published
Jul 11, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and...
High
Unreviewed
CVE-2018-0158
was published
May 13, 2022
In the Linux kernel, the following vulnerability has been resolved:
ubifs: Set page uptodate in...
High
Unreviewed
CVE-2024-35821
was published
May 17, 2024
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption)...
High
Unreviewed
CVE-2019-18214
was published
May 24, 2022
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls...
High
Unreviewed
CVE-2018-21028
was published
May 24, 2022
A failure to free memory can occur when processing messages having a specific combination of EDNS...
High
Unreviewed
CVE-2018-5744
was published
May 24, 2022
Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists.
High
Unreviewed
CVE-2019-17183
was published
May 24, 2022
A service worker can send the activate event on itself periodically which allows it to run...
High
Unreviewed
CVE-2018-5179
was published
May 24, 2022
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which...
High
Unreviewed
CVE-2010-4657
was published
Apr 21, 2022
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed...
High
Unreviewed
CVE-2024-21789
was published
Feb 14, 2024
The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and...
High
Unreviewed
CVE-2007-4103
was published
May 1, 2022
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2023-20095
was published
Nov 1, 2023
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect...
High
Unreviewed
CVE-2021-1620
was published
May 24, 2022
In 389-ds-base up to version 1.4.1.2, requests are handled by workers threads. Each sockets will...
High
Unreviewed
CVE-2019-3883
was published
May 13, 2022
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with...
High
Unreviewed
CVE-2022-26353
was published
Mar 17, 2022
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of...
High
Unreviewed
CVE-2020-22844
was published
Mar 1, 2022
A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding...
High
Unreviewed
CVE-2022-22170
was published
Jan 20, 2022
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x...
High
Unreviewed
CVE-2009-2903
was published
May 2, 2022
Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c...
High
Unreviewed
CVE-2017-10810
was published
May 13, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.
High
Unreviewed
CVE-2018-9272
was published
May 13, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak.
High
Unreviewed
CVE-2018-9266
was published
May 13, 2022
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.
High
Unreviewed
CVE-2018-9274
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API