GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
19 advisories
Filter by severity
The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected...
High
Unreviewed
CVE-2022-31804
was published
Jun 25, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29863
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2021-34854
was published
May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2021-34868
was published
Jan 26, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2021-34869
was published
Jan 26, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2021-34867
was published
Jan 26, 2022
Binary vulnerable to Slice Memory Allocation with Excessive Size Value
High
CVE-2022-36078
was published
for
github.com/gagliardetto/binary
(Go)
Sep 16, 2022
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager,...
High
Unreviewed
CVE-2022-28773
was published
Apr 13, 2022
A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM ...
High
Unreviewed
CVE-2023-20108
was published
Jun 28, 2023
vyper vulnerable to storage allocator overflow
High
CVE-2023-30837
was published
for
vyper
(pip)
May 5, 2023
Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input
High
CVE-2023-37279
was published
for
github.com/contribsys/faktory
(Go)
Sep 20, 2023
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation...
High
Unreviewed
CVE-2023-3171
was published
Dec 27, 2023
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in WEKA INTEREST Security Scanner...
High
Unreviewed
CVE-2017-20016
was published
Mar 29, 2022
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames
High
GHSA-w8gf-g2vq-j2f4
was published
for
amphp/http-client
(Composer)
Apr 3, 2024
Undertow vulnerable to denial of service
High
CVE-2023-3223
was published
for
io.undertow:undertow-parent
(Maven)
Sep 27, 2023
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
High
CVE-2022-34917
was published
for
org.apache.kafka:kafka
(Maven)
Sep 21, 2022
To keep its cache database efficient, `named` running as a recursive resolver occasionally...
High
Unreviewed
CVE-2023-6516
was published
Feb 13, 2024
A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual...
High
Unreviewed
CVE-2024-20260
was published
Oct 23, 2024
ProTip!
Advisories are also available from the
GraphQL API