Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

910 advisories

Loading
Allocation of Resources Without Limits or Throttling in Apache Avro High
CVE-2021-43045 was published for Apache.Avro (NuGet) Jan 8, 2022
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible... Moderate Unreviewed
CVE-2020-9059 was published Jan 11, 2022
android-gif-drawable vulerable to denial of service due to unrestricted comment length High
CVE-2022-23435 was published for pl.droidsonroids.gif:android-gif-drawable (Maven) Jan 20, 2022
Marcono1234
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely... High Unreviewed
CVE-2021-39293 was published Jan 25, 2022
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can... Moderate Unreviewed
CVE-2021-28096 was published Jan 28, 2022
Denial of service in bingrep Moderate
CVE-2021-39480 was published for bingrep (Rust) Jan 28, 2022
Allocation of Resources Without Limits or Throttling in iText Moderate
CVE-2022-24196 was published for com.itextpdf:itext7-core (Maven) Feb 2, 2022
Apache ActiveMQ Artemis Uncontrolled Resource Consumption (DoS) High
CVE-2022-23913 was published for org.apache.activemq:artemis-core-client (Maven) Feb 6, 2022
Allocation of Resources Without Limits or Throttling in Keycloak High
CVE-2020-10758 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
An authenticated user without any specific authorizations may be able to repeatedly invoke the... High Unreviewed
CVE-2021-32036 was published Feb 10, 2022
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed
CVE-2021-41840 was published Feb 10, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Kubernetes API Server DoS Via API Requests Moderate
CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022
skitt marquiz
toddtreece
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes Moderate
CVE-2020-8551 was published for k8s.io/kubernetes (Go) Feb 15, 2022
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor... High Unreviewed
CVE-2021-22050 was published Feb 17, 2022
Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote... High Unreviewed
CVE-2022-23228 was published Feb 19, 2022
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU... High Unreviewed
CVE-2016-20013 was published Feb 20, 2022
Allocation of Resources Without Limits or Throttling in metadata-extractor High
CVE-2022-24614 was published for com.drewnoakes:metadata-extractor (Maven) Feb 25, 2022
cpropps-sysdig
HashiCorp Nomad vulnerable to Allocation of Resources Without Limits or Throttling High
CVE-2022-24685 was published for github.com/hashicorp/nomad (Go) Mar 1, 2022
Twisted SSH client and server deny of service during SSH handshake. High
CVE-2022-21716 was published for twisted (pip) Mar 3, 2022
Idan-D vin01
Improper Input Validation and Allocation of Resources Without Limits or Throttling in poi-scratchpad Moderate
CVE-2022-26336 was published for org.apache.poi:poi-scratchpad (Maven) Mar 5, 2022
SunBK201
Moodle denial-of-service risk in the draft files area High
CVE-2021-32476 was published for moodle/moodle (Composer) Mar 12, 2022
Allocation of Resources Without Limits or Throttling in nvflare High
CVE-2022-21822 was published for nvflare (pip) Mar 18, 2022
Nintorac
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in WEKA INTEREST Security Scanner... High Unreviewed
CVE-2017-20016 was published Mar 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database