GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
395 advisories
Filter by severity
FaucetSDN Ryu Denial of Service Vulnerability
High
CVE-2020-35139
was published
for
ryu
(pip)
Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability
High
CVE-2020-35141
was published
for
ryu
(pip)
Aug 11, 2023
libp2p nodes vulnerable to attack using large RSA keys
High
CVE-2023-39533
was published
for
github.com/libp2p/go-libp2p
(Go)
Aug 9, 2023
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801,...
High
Unreviewed
CVE-2023-39269
was published
Aug 8, 2023
Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial...
High
Unreviewed
CVE-2022-46485
was published
Aug 2, 2023
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S ...
High
Unreviewed
CVE-2023-36521
was published
Jul 11, 2023
IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or...
High
Unreviewed
CVE-2023-27540
was published
Jul 10, 2023
Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content...
High
Unreviewed
CVE-2023-28338
was published
Jul 6, 2023
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD...
High
Unreviewed
CVE-2022-3480
was published
Jul 6, 2023
Products.CMFCore unauthenticated denial of service and crash via unchecked use of input with Python's marshal module
High
CVE-2023-36814
was published
for
Products.CMFCore
(pip)
Jul 5, 2023
A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM ...
High
Unreviewed
CVE-2023-20108
was published
Jun 28, 2023
Every `named` instance configured to run as a recursive resolver maintains a cache database...
High
Unreviewed
CVE-2023-2828
was published
Jun 21, 2023
snappy-java's unchecked chunk length leads to DoS
High
CVE-2023-34455
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
Apache Struts vulnerable to memory exhaustion
High
CVE-2023-34396
was published
for
org.apache.struts:struts2-core
(Maven)
Jun 14, 2023
Uncontrolled Resource Consumption in LengthPrefixedMessageReader
High
CVE-2021-36155
was published
for
github.com/grpc/grpc-swift
(Swift)
Jun 9, 2023
github.com/ipfs/go-bitswap vulnerable to DOS unbounded persistent memory leak
High
GHSA-q3j6-22wf-3jh9
was published
for
github.com/ipfs/go-bitswap
(Go)
May 11, 2023
distribution catalog API endpoint can lead to OOM via malicious user input
High
CVE-2023-2253
was published
for
github.com/docker/distribution
(Go)
May 11, 2023
Boxo bitswap/server: DOS unbounded persistent memory leak
High
CVE-2023-25568
was published
for
github.com/ipfs/go-libipfs
(Go)
May 11, 2023
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in...
High
Unreviewed
CVE-2023-31472
was published
May 9, 2023
Rekor's compressed archives can result in OOM conditions
High
CVE-2023-30551
was published
for
github.com/sigstore/rekor
(Go)
May 3, 2023
IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6...
High
Unreviewed
CVE-2023-27556
was published
Apr 28, 2023
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
High
Unreviewed
CVE-2023-0383
was published
Apr 20, 2023
Spring Framework vulnerable to denial of service
High
CVE-2023-20863
was published
for
org.springframework:spring-expression
(Maven)
Apr 13, 2023
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ...
High
Unreviewed
CVE-2022-43768
was published
Apr 11, 2023
ProTip!
Advisories are also available from the
GraphQL API