Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+

326 advisories

Loading
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component. Moderate Unreviewed
CVE-2023-29575 was published Apr 21, 2023
OutOfMemoryError for large multipart without filename in Eclipse Jetty Moderate
CVE-2023-26048 was published for org.eclipse.jetty:jetty-server (Maven) Apr 19, 2023
lachlan-roberts jeffalder
An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep... Moderate Unreviewed
CVE-2023-28968 was published Apr 18, 2023
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. Moderate Unreviewed
CVE-2023-29573 was published Apr 13, 2023
h2 vulnerable to denial of service Moderate
CVE-2023-26964 was published for h2 (Rust) Apr 11, 2023
FirelightFlagboy seanmonstar
KisaragiEffective JohnTitor
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4... Moderate Unreviewed
CVE-2023-0382 was published Apr 5, 2023
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files Moderate
CVE-2023-28837 was published for wagtail (pip) Apr 3, 2023
RealOrangeOne
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows... Moderate Unreviewed
CVE-2023-1544 was published Mar 23, 2023
A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless... Moderate Unreviewed
CVE-2023-20067 was published Mar 23, 2023
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple... Moderate Unreviewed
CVE-2022-42334 was published Mar 21, 2023
Denial of service in Jenkins Core Moderate
CVE-2023-27900 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 10, 2023
westonsteimel
An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End... Moderate Unreviewed
CVE-2023-24785 was published Feb 17, 2023
Uncontrolled Resource Consumption in golang.org/x/image Moderate
CVE-2022-41727 was published for golang.org/x/image (Go) Feb 17, 2023
OCI image importer memory exhaustion in github.com/containerd/containerd Moderate
CVE-2023-25153 was published for github.com/containerd/containerd (Go) Feb 16, 2023
AdamKorcz DavidKorczynski
In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource... Moderate Unreviewed
CVE-2022-20494 was published Jan 26, 2023
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and... Moderate Unreviewed
CVE-2023-20047 was published Jan 20, 2023
revel is vulnerable to resource exhaustion Moderate
CVE-2020-36568 was published for github.com/revel/revel (Go) Dec 28, 2022
rdiffweb has no rate limit on resend email feature Moderate
CVE-2022-4723 was published for rdiffweb (pip) Dec 27, 2022
A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All... Moderate Unreviewed
CVE-2022-41288 was published Dec 13, 2022
IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by... Moderate Unreviewed
CVE-2022-22488 was published Dec 12, 2022
golang.org/x/net/http2 vulnerable to possible excessive memory growth Moderate
CVE-2022-41717 was published for golang.org/x/net (Go) Dec 8, 2022
westonsteimel
Denial of service in Mattermost Moderate
CVE-2022-4045 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022
Denial of service in Mattermost Moderate
CVE-2022-4044 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user... Moderate Unreviewed
CVE-2022-4019 was published Nov 23, 2022
A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD)... Moderate Unreviewed
CVE-2022-20950 was published Nov 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database