Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,382 advisories

Loading
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions <... High Unreviewed
CVE-2022-27194 was published Apr 13, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause... High Unreviewed
CVE-2022-21155 was published Apr 13, 2022
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in... Moderate Unreviewed
CVE-2022-22191 was published Apr 15, 2022
A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low... Moderate Unreviewed
CVE-2022-20692 was published Apr 16, 2022
The Background service in Allwinner R818 SoC Android Q SDK V1.0 is used to manage background... High Unreviewed
CVE-2021-38788 was published Jan 20, 2022
RESTEasy 4.5.5.Final in hash flooding High
CVE-2020-14326 was published for org.jboss.resteasy:resteasy-bom (Maven) Mar 18, 2022
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote... High Unreviewed
CVE-2021-20201 was published May 24, 2022
Samourai Wallet Stonewallx2 0.99.98e allows a denial of service via a P2P coinjoin. The attacker... Moderate Unreviewed
CVE-2022-35913 was published Sep 7, 2022
Uncontrolled Resource Consumption in Apache ZooKeeper High
CVE-2017-5637 was published for org.apache.zookeeper:zookeeper (Maven) May 13, 2022
Resource Exhaustion in Spring Security High
CVE-2021-22119 was published for org.springframework.security:spring-security-core (Maven) Jul 2, 2021
OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser High
CVE-2022-29546 was published for net.sourceforge.htmlunit:neko-htmlunit (Maven) Apr 26, 2022
kurt-r2c
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd... High Unreviewed
CVE-2022-28871 was published Apr 26, 2022
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel... Low Unreviewed
CVE-2020-12655 was published May 24, 2022
Uncontrolled Resource Consumption in Undertow Moderate
CVE-2018-1114 was published for io.undertow:undertow-core (Maven) May 13, 2022
Resource management errors vulnerability in a robot controller of MELFA FR Series(controller ... High Unreviewed
CVE-2021-20586 was published May 24, 2022
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not... Moderate Unreviewed
CVE-2021-1066 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with... Moderate Unreviewed
CVE-2020-4890 was published May 24, 2022
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can... High Unreviewed
CVE-2022-23772 was published Feb 12, 2022
On BIG-IP Advanced WAF and ASM version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x... High Unreviewed
CVE-2021-22976 was published May 24, 2022
There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10.... High Unreviewed
CVE-2021-22292 was published May 24, 2022
kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10... High Unreviewed
CVE-2021-28994 was published May 24, 2022
A vulnerability in Juniper Networks Junos OS running on the ACX5448 and ACX710 platforms may... Moderate Unreviewed
CVE-2021-0216 was published May 24, 2022
There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a... High Unreviewed
CVE-2021-3487 was published May 24, 2022
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7... Moderate Unreviewed
CVE-2021-27617 was published May 24, 2022
Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation... High Unreviewed
CVE-2021-32920 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database