GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
571 advisories
Filter by severity
A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14...
Moderate
Unreviewed
CVE-2022-1121
was published
Apr 5, 2022
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified...
Moderate
Unreviewed
CVE-2022-22404
was published
Apr 2, 2022
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number...
Moderate
Unreviewed
CVE-2022-1333
was published
Apr 14, 2022
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with...
High
Unreviewed
CVE-2022-20622
was published
Apr 16, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using...
High
Unreviewed
CVE-2021-44502
was published
Apr 16, 2022
basic/unit-name.c in systemd 220 through 248 has a Memory Allocation with an Excessive Size Value...
Moderate
Unreviewed
CVE-2021-33910
was published
May 24, 2022
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to...
Moderate
Unreviewed
CVE-2021-28700
was published
May 24, 2022
An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows attackers to cause a...
Moderate
Unreviewed
CVE-2020-19464
was published
May 24, 2022
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of...
Moderate
Unreviewed
CVE-2019-9516
was published
May 24, 2022
A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX...
High
Unreviewed
CVE-2021-0217
was published
May 24, 2022
An issue has been found in function vfprintf in PDF2JSON 0.70 that allows attackers to cause a...
Moderate
Unreviewed
CVE-2020-19463
was published
May 24, 2022
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program...
Moderate
Unreviewed
CVE-2022-29767
was published
Jun 4, 2022
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where...
High
Unreviewed
CVE-2022-30522
was published
Jun 10, 2022
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300...
Moderate
Unreviewed
CVE-2021-0242
was published
May 24, 2022
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core...
Moderate
Unreviewed
CVE-2022-31285
was published
Jun 11, 2022
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom...
Moderate
Unreviewed
CVE-2022-31287
was published
Jun 11, 2022
PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux...
Moderate
Unreviewed
CVE-2022-35009
was published
Aug 17, 2022
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r...
High
Unreviewed
CVE-2022-29404
was published
Jun 10, 2022
Improper memory allocation during counter check DLM handling can lead to denial of service in...
High
Unreviewed
CVE-2021-35096
was published
Jun 15, 2022
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior...
High
Unreviewed
CVE-2022-27871
was published
Jun 22, 2022
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a...
Moderate
Unreviewed
CVE-2021-40607
was published
Jun 29, 2022
An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is...
High
Unreviewed
CVE-2022-34750
was published
Jun 29, 2022
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An...
Moderate
Unreviewed
CVE-2021-3478
was published
May 24, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc...
High
Unreviewed
CVE-2022-32046
was published
Jul 2, 2022
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array...
High
Unreviewed
CVE-2021-40941
was published
Jun 28, 2022
ProTip!
Advisories are also available from the
GraphQL API