Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

296 advisories

Loading
A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14... Moderate Unreviewed
CVE-2022-1121 was published Apr 5, 2022
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified... Moderate Unreviewed
CVE-2022-22404 was published Apr 2, 2022
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number... Moderate Unreviewed
CVE-2022-1333 was published Apr 14, 2022
basic/unit-name.c in systemd 220 through 248 has a Memory Allocation with an Excessive Size Value... Moderate Unreviewed
CVE-2021-33910 was published May 24, 2022
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to... Moderate Unreviewed
CVE-2021-28700 was published May 24, 2022
An issue has been found in function XRef::fetch in PDF2JSON 0.70 that allows attackers to cause a... Moderate Unreviewed
CVE-2020-19464 was published May 24, 2022
An issue has been found in function vfprintf in PDF2JSON 0.70 that allows attackers to cause a... Moderate Unreviewed
CVE-2020-19463 was published May 24, 2022
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program... Moderate Unreviewed
CVE-2022-29767 was published Jun 4, 2022
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300... Moderate Unreviewed
CVE-2021-0242 was published May 24, 2022
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core... Moderate Unreviewed
CVE-2022-31285 was published Jun 11, 2022
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom... Moderate Unreviewed
CVE-2022-31287 was published Jun 11, 2022
PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux... Moderate Unreviewed
CVE-2022-35009 was published Aug 17, 2022
The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a... Moderate Unreviewed
CVE-2021-40607 was published Jun 29, 2022
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An... Moderate Unreviewed
CVE-2021-3478 was published May 24, 2022
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker... Moderate Unreviewed
CVE-2021-3479 was published May 24, 2022
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote... Moderate Unreviewed
CVE-2022-29892 was published Jul 5, 2022
Teamplus Pro community discussion has an ‘allocation of resource without limits or throttling’... Moderate Unreviewed
CVE-2022-35221 was published Aug 3, 2022
Teamplus Pro community discussion function has an ‘allocation of resource without limits or... Moderate Unreviewed
CVE-2022-35220 was published Aug 3, 2022
On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the... Moderate Unreviewed
CVE-2021-23053 was published May 24, 2022
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible... Moderate Unreviewed
CVE-2020-9059 was published Jan 11, 2022
A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with... Moderate Unreviewed
CVE-2022-1325 was published Sep 1, 2022
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function ... Moderate Unreviewed
CVE-2020-35534 was published Sep 2, 2022
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before... Moderate Unreviewed
CVE-2019-15165 was published May 24, 2022
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in... Moderate Unreviewed
CVE-2020-6610 was published May 24, 2022
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. Moderate Unreviewed
CVE-2020-15806 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database