Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

395 advisories

Loading
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU... High Unreviewed
CVE-2016-20013 was published Feb 20, 2022
Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote... High Unreviewed
CVE-2022-23228 was published Feb 19, 2022
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor... High Unreviewed
CVE-2021-22050 was published Feb 17, 2022
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed
CVE-2021-41840 was published Feb 10, 2022
An authenticated user without any specific authorizations may be able to repeatedly invoke the... High Unreviewed
CVE-2021-32036 was published Feb 10, 2022
Allocation of Resources Without Limits or Throttling in Keycloak High
CVE-2020-10758 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Apache ActiveMQ Artemis Uncontrolled Resource Consumption (DoS) High
CVE-2022-23913 was published for org.apache.activemq:artemis-core-client (Maven) Feb 6, 2022
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely... High Unreviewed
CVE-2021-39293 was published Jan 25, 2022
Allocation of Resources Without Limits or Throttling in Apache Avro High
CVE-2021-43045 was published for Apache.Avro (NuGet) Jan 8, 2022
Allocation of Resources Without Limits or Throttling in ckb High
CVE-2021-45699 was published for ckb (Rust) Jan 6, 2022
ReDOS in Vfsjfilechooser2 High
CVE-2021-29061 was published for com.github.fracpete:vfsjfilechooser2 (Maven) Jan 6, 2022
There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37111 was published Jan 4, 2022
A regular expression denial of service (ReDoS) vulnerability exits in cbioportal 3.6.21 and older... High Unreviewed
CVE-2021-38244 was published Dec 17, 2021
ReDOS in IS-SVG High
CVE-2021-29059 was published for is-svg (npm) Dec 10, 2021
Denial of Service (DoS) in Jackson Dataformat CBOR High
CVE-2020-28491 was published for com.fasterxml.jackson.dataformat:jackson-dataformat-cbor (Maven) Dec 9, 2021
DmitriyLewen
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular... High Unreviewed
CVE-2021-44686 was published Dec 8, 2021
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the... High Unreviewed
CVE-2021-29329 was published Nov 20, 2021
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests High
CVE-2021-41167 was published for modern-async (npm) Oct 21, 2021
Insufficient size checks in ws High
CVE-2020-35896 was published for ws (Rust) Aug 25, 2021
Uncontrolled memory consumption in protobuf High
CVE-2019-15544 was published for protobuf (Rust) Aug 25, 2021
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35517 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35516 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Allocation of resources without limits or throttling in keycloak-model-infinispan High
CVE-2021-3637 was published for org.keycloak:keycloak-model-infinispan (Maven) Jul 13, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database