Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

209 advisories

Loading
uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter... High Unreviewed
CVE-2021-36773 was published May 24, 2022
Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows remote attackers to cause... Moderate Unreviewed
CVE-2020-18392 was published May 24, 2022
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device... Moderate Unreviewed
CVE-2021-20255 was published May 24, 2022
Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the ... Moderate Unreviewed
CVE-2020-20213 was published May 24, 2022
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed... High Unreviewed
CVE-2021-3530 was published May 24, 2022
Improper path handling in Kustomization files allows for denial of service High
CVE-2022-24878 was published for github.com/fluxcd/flux2 (Go) May 20, 2022
hiddeco
Logic error in Apache Pinot High
CVE-2022-23974 was published for org.apache.pinot:pinot (Maven) Apr 6, 2022
Uncontrolled recursion in ammonia High
CVE-2019-15542 was published for ammonia (Rust) Aug 25, 2021
Denial of Service in mqtt Moderate
CVE-2017-10910 was published for mqtt (npm) Dec 28, 2017
ProTip! Advisories are also available from the GraphQL API