GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
272 advisories
Filter by severity
Every `named` instance configured to run as a recursive resolver maintains a cache database...
High
Unreviewed
CVE-2023-2828
was published
Jun 21, 2023
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in...
High
Unreviewed
CVE-2023-31472
was published
May 9, 2023
IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6...
High
Unreviewed
CVE-2023-27556
was published
Apr 28, 2023
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
High
Unreviewed
CVE-2023-0383
was published
Apr 20, 2023
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ...
High
Unreviewed
CVE-2022-43768
was published
Apr 11, 2023
Multipart form parsing can consume large amounts of CPU and memory when processing form inputs...
High
Unreviewed
CVE-2023-24536
was published
Apr 6, 2023
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple...
High
Unreviewed
CVE-2022-42333
was published
Mar 21, 2023
A denial of service is possible from excessive resource consumption in net/http and mime...
High
Unreviewed
CVE-2022-41725
was published
Feb 28, 2023
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method...
High
Unreviewed
CVE-2022-31394
was published
Feb 21, 2023
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification...
High
Unreviewed
CVE-2023-26249
was published
Feb 21, 2023
Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non...
High
Unreviewed
CVE-2022-40513
was published
Feb 12, 2023
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via...
High
Unreviewed
CVE-2023-25193
was published
Feb 4, 2023
In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x...
High
Unreviewed
CVE-2023-22323
was published
Feb 1, 2023
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4...
High
Unreviewed
CVE-2023-23846
was published
Feb 1, 2023
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions...
High
Unreviewed
CVE-2022-20492
was published
Jan 26, 2023
In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions...
High
Unreviewed
CVE-2022-20456
was published
Jan 26, 2023
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions...
High
Unreviewed
CVE-2022-20489
was published
Jan 26, 2023
In multiple functions of AutomaticZenRule.java, there is a possible failure to persist...
High
Unreviewed
CVE-2022-20490
was published
Jan 26, 2023
DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone...
High
Unreviewed
CVE-2021-36630
was published
Jan 18, 2023
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding...
High
Unreviewed
CVE-2023-22403
was published
Jan 13, 2023
In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive...
High
Unreviewed
CVE-2022-42531
was published
Dec 21, 2022
In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular...
High
Unreviewed
CVE-2022-45471
was published
Nov 18, 2022
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a...
High
Unreviewed
CVE-2021-34568
was published
Nov 9, 2022
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer...
High
Unreviewed
CVE-2022-43945
was published
Nov 5, 2022
Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to...
High
Unreviewed
CVE-2022-42311
was published
Nov 1, 2022
ProTip!
Advisories are also available from the
GraphQL API