Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,231 advisories

Loading
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely... High Unreviewed
CVE-2021-39293 was published Jan 25, 2022
android-gif-drawable vulerable to denial of service due to unrestricted comment length High
CVE-2022-23435 was published for pl.droidsonroids.gif:android-gif-drawable (Maven) Jan 20, 2022
Marcono1234
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible... Moderate Unreviewed
CVE-2020-9059 was published Jan 11, 2022
Allocation of Resources Without Limits or Throttling in Apache Avro High
CVE-2021-43045 was published for Apache.Avro (NuGet) Jan 8, 2022
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check... Moderate Unreviewed
CVE-2021-44591 was published Jan 7, 2022
Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information... Moderate Unreviewed
CVE-2021-28715 was published Jan 7, 2022
Allocation of Resources Without Limits or Throttling in ckb High
CVE-2021-45699 was published for ckb (Rust) Jan 6, 2022
ReDOS in Vfsjfilechooser2 High
CVE-2021-29061 was published for com.github.fracpete:vfsjfilechooser2 (Maven) Jan 6, 2022
There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37111 was published Jan 4, 2022
A regular expression denial of service (ReDoS) vulnerability exits in cbioportal 3.6.21 and older... High Unreviewed
CVE-2021-38244 was published Dec 17, 2021
ReDOS in IS-SVG High
CVE-2021-29059 was published for is-svg (npm) Dec 10, 2021
Denial of Service (DoS) in Jackson Dataformat CBOR High
CVE-2020-28491 was published for com.fasterxml.jackson.dataformat:jackson-dataformat-cbor (Maven) Dec 9, 2021
DmitriyLewen
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular... High Unreviewed
CVE-2021-44686 was published Dec 8, 2021
The Bluetooth Classic implementation on Actions ATS2815 chipsets does not properly handle the... Moderate Unreviewed
CVE-2021-31787 was published Dec 1, 2021
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the... High Unreviewed
CVE-2021-29329 was published Nov 20, 2021
OctoRPKI crashes when processing GZIP bomb returned via malicious repository Moderate
CVE-2021-3912 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests High
CVE-2021-41167 was published for modern-async (npm) Oct 21, 2021
Insufficient size checks in ws High
CVE-2020-35896 was published for ws (Rust) Aug 25, 2021
Uncontrolled memory consumption in protobuf High
CVE-2019-15544 was published for protobuf (Rust) Aug 25, 2021
ReDOS in Mpmath High
CVE-2021-29063 was published for mpmath (pip) Aug 9, 2021
bryan-rhm
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35517 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35516 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Allocation of resources without limits or throttling in keycloak-model-infinispan High
CVE-2021-3637 was published for org.keycloak:keycloak-model-infinispan (Maven) Jul 13, 2021
Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings Moderate
CVE-2021-32699 was published for github.com/pterodactyl/wings (Go) Jun 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database