GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,493

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

325 advisories

Filter by severity

Sort by

Least recently updated

A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The... Moderate Unreviewed

CVE-2021-39907 was published May 24, 2022

iptables before 1.2.4 does not accurately convert rate limits that are specified on the command... Moderate Unreviewed

CVE-2001-1388 was published Apr 30, 2022

SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[]... Moderate Unreviewed

CVE-2022-36146 was published Aug 17, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at ... Moderate Unreviewed

CVE-2022-35109 was published Aug 17, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via /bin/png2swf+0x552cea. Moderate Unreviewed

CVE-2022-35105 was published Aug 17, 2022

SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer:... Moderate Unreviewed

CVE-2022-35111 was published Aug 17, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::reset()... Moderate Unreviewed

CVE-2022-35104 was published Aug 17, 2022

SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common... Moderate Unreviewed

CVE-2022-35107 was published Aug 17, 2022

Apache Tika vulnerable to uncontrolled memory consumption Moderate

CVE-2022-25169 was published for org.apache.tika:tika (Maven) May 17, 2022

SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor... Moderate Unreviewed

CVE-2022-35089 was published Sep 22, 2022

A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All... Moderate Unreviewed

CVE-2022-41288 was published Dec 13, 2022

relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in... Moderate Unreviewed

CVE-2022-29973 was published May 3, 2022

Allocation of Resources Without Limits or Throttling in Apache Tika Moderate

CVE-2019-10093 was published for org.apache.tika:tika-parsers (Maven) Aug 6, 2019

An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions... Moderate Unreviewed

CVE-2022-1428 was published May 12, 2022

It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial... Moderate Unreviewed

CVE-2018-16846 was published May 13, 2022

The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which... Moderate Unreviewed

CVE-2017-14107 was published May 13, 2022

Potential DOS attack due to unrestricted attachment count in messages Moderate

CVE-2019-12406 was published for org.apache.cxf:apache-cxf (Maven) Nov 8, 2019

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed... Moderate Unreviewed

CVE-2019-9073 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed... Moderate Unreviewed

CVE-2019-9072 was published May 13, 2022

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform... Moderate Unreviewed

CVE-2019-0005 was published May 13, 2022

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service ... Moderate Unreviewed

CVE-2019-9705 was published May 13, 2022

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed... Moderate Unreviewed

CVE-2019-9076 was published May 13, 2022

Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services... Moderate Unreviewed

CVE-2019-0038 was published May 13, 2022

Denial of service in direct_mail Moderate

CVE-2020-12697 was published for directmailteam/direct-mail (Composer) May 24, 2021

Regular Expression Denial of Service (ReDOS) Moderate

CVE-2021-29060 was published for color-string (npm) Jun 22, 2021

Previous 1 2 3 4 5 6 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

325 advisories