GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
395 advisories
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc... [High, Unreviewed] CVE-2022-32045 was published Jul 2, 2022
An issue was discovered in glFTPd 2.11a that allows remote attackers to cause a denial of service... [High, Unreviewed] CVE-2021-31645 was published Jul 8, 2022
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption... [High, Unreviewed] CVE-2022-29286 was published Jul 18, 2022
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding... [High, Unreviewed] CVE-2022-22212 was published Jul 21, 2022
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process... [High, Unreviewed] CVE-2021-46828 was published Jul 21, 2022
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group... [High, Unreviewed] CVE-2022-32958 was published Jul 21, 2022
TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no... [High, Unreviewed] CVE-2022-35506 was published Aug 4, 2022
A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client... [High, Unreviewed] CVE-2022-35505 was published Aug 4, 2022
The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL... [High, Unreviewed] CVE-2022-37415 was published Aug 6, 2022
Rust-WebSocket memory allocation based on untrusted length [High] CVE-2022-35922 was published for websocket (Rust) Aug 6, 2022
Apache Avro Rust SDK's Reader could consume memory beyond allowed constraints [High] CVE-2022-36124 was published for apache-avro (Rust) Aug 10, 2022
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE W-1700 IEEE... [High, Unreviewed] CVE-2022-36324 was published Aug 11, 2022
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive... [High, Unreviewed] CVE-2022-38155 was published Aug 12, 2022
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it... [High, Unreviewed] CVE-2020-14322 was published Aug 17, 2022
node-opcua DoS vulnerability via message with memory allocation that exceeds v8's memory limit [High] CVE-2022-25231 was published for node-opcua (npm) Aug 24, 2022
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to... [High, Unreviewed] CVE-2022-25761 was published Aug 24, 2022
All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when... [High, Unreviewed] CVE-2022-24298 was published Aug 24, 2022
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a... [High, Unreviewed] CVE-2022-24381 was published Aug 24, 2022
Uncontrolled Resource Consumption in asyncua and opcua [High] CVE-2022-25304 was published for asyncua (pip) Aug 24, 2022
Uncontrolled Resource Consumption in opcua [High] CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022
XNIO `notifyReadClosed` method logging message to unexpected end [High] CVE-2022-0084 was published for org.jboss.xnio:xnio-all (Maven) Aug 27, 2022
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/addRouting. [High, Unreviewed] CVE-2022-36620 was published Sep 1, 2022
Duplicate of GHSA-m77f-652q-wwp4 [High] GHSA-2gg5-7c4v-6xx2 was published for axum-core (Rust) Sep 15, 2022 • withdrawn
axum-core has no default limit put on request bodies [High] CVE-2022-3212 was published for axum-core (Rust) Sep 15, 2022
Eclipse Milo vulnerable to Resource Exhaustion (Denial of Service) [High] CVE-2022-25897 was published for org.eclipse.milo:sdk-server (Maven) Sep 15, 2022