Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

395 advisories

Loading
axum-core has no default limit put on request bodies High
CVE-2022-3212 was published for axum-core (Rust) Sep 15, 2022
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests High
CVE-2021-41167 was published for modern-async (npm) Oct 21, 2021
Allocation of Resources Without Limits or Throttling in nvflare High
CVE-2022-21822 was published for nvflare (pip) Mar 18, 2022
Nintorac
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with... High Unreviewed
CVE-2022-20622 was published Apr 16, 2022
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using... High Unreviewed
CVE-2021-44502 was published Apr 16, 2022
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35517 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35516 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX... High Unreviewed
CVE-2021-0217 was published May 24, 2022
Helm Controller denial of service High
CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022
pjbgf
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where... High Unreviewed
CVE-2022-30522 was published Jun 10, 2022
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r... High Unreviewed
CVE-2022-29404 was published Jun 10, 2022
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior... High Unreviewed
CVE-2022-27871 was published Jun 22, 2022
Improper memory allocation during counter check DLM handling can lead to denial of service in... High Unreviewed
CVE-2021-35096 was published Jun 15, 2022
Denial of Service in Spring Cloud Function High
CVE-2022-22979 was published for org.springframework.cloud:spring-cloud-function-parent (Maven) Jun 22, 2022
An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is... High Unreviewed
CVE-2022-34750 was published Jun 29, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32046 was published Jul 2, 2022
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array... High Unreviewed
CVE-2021-40941 was published Jun 28, 2022
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function... High Unreviewed
CVE-2022-32043 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac... High Unreviewed
CVE-2022-32053 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password... High Unreviewed
CVE-2022-32044 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url... High Unreviewed
CVE-2022-32049 was published Jul 2, 2022
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function... High Unreviewed
CVE-2022-32041 was published Jul 2, 2022
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32052 was published Jul 2, 2022
An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service... High Unreviewed
CVE-2021-31645 was published Jul 8, 2022
ProTip! Advisories are also available from the GraphQL API