Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

395 advisories

Loading
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... High Unreviewed
CVE-2022-32045 was published Jul 2, 2022
An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service... High Unreviewed
CVE-2021-31645 was published Jul 8, 2022
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption... High Unreviewed
CVE-2022-29286 was published Jul 18, 2022
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding... High Unreviewed
CVE-2022-22212 was published Jul 21, 2022
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process... High Unreviewed
CVE-2021-46828 was published Jul 21, 2022
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group... High Unreviewed
CVE-2022-32958 was published Jul 21, 2022
TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no... High Unreviewed
CVE-2022-35506 was published Aug 4, 2022
A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client... High Unreviewed
CVE-2022-35505 was published Aug 4, 2022
The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL... High Unreviewed
CVE-2022-37415 was published Aug 6, 2022
Rust-WebSocket memory allocation based on untrusted length High
CVE-2022-35922 was published for websocket (Rust) Aug 6, 2022
evanrichter
Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints High
CVE-2022-36124 was published for apache-avro (Rust) Aug 10, 2022
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE... High Unreviewed
CVE-2022-36324 was published Aug 11, 2022
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive... High Unreviewed
CVE-2022-38155 was published Aug 12, 2022
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it... High Unreviewed
CVE-2020-14322 was published Aug 17, 2022
node-opcua DoS vulnerability via message with memory allocation that exceeds v8's memory limit High
CVE-2022-25231 was published for node-opcua (npm) Aug 24, 2022
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to... High Unreviewed
CVE-2022-25761 was published Aug 24, 2022
All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when... High Unreviewed
CVE-2022-24298 was published Aug 24, 2022
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a... High Unreviewed
CVE-2022-24381 was published Aug 24, 2022
Uncontrolled Resource Consumption in asyncua and opcua High
CVE-2022-25304 was published for asyncua (pip) Aug 24, 2022
GoetzGoerisch tdunlap607
Uncontrolled Resource Consumption in opcua High
CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022
XNIO `notifyReadClosed` method logging message to unexpected end High
CVE-2022-0084 was published for org.jboss.xnio:xnio-all (Maven) Aug 27, 2022
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting. High Unreviewed
CVE-2022-36620 was published Sep 1, 2022
Duplicate of GHSA-m77f-652q-wwp4 High
GHSA-2gg5-7c4v-6xx2 was published for axum-core (Rust) Sep 15, 2022 withdrawn
axum-core has no default limit put on request bodies High
CVE-2022-3212 was published for axum-core (Rust) Sep 15, 2022
Eclipse Milo vulnerable to Resource Exhaustion (Denial of Service) High
CVE-2022-25897 was published for org.eclipse.milo:sdk-server (Maven) Sep 15, 2022
SharonBrizinov
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database