GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
326 advisories
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component.
Moderate | Unreviewed | CVE-2023-29575 was published Apr 21, 2023

OutOfMemoryError for large multipart without filename in Eclipse Jetty
Moderate | CVE-2023-26048 was published for org.eclipse.jetty:jetty-server (Maven) Apr 19, 2023

An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep...
Moderate | Unreviewed | CVE-2023-28968 was published Apr 18, 2023

Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component.
Moderate | Unreviewed | CVE-2023-29573 was published Apr 13, 2023

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
Moderate | Unreviewed | CVE-2023-0382 was published Apr 5, 2023

Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
Moderate | CVE-2023-28837 was published for wagtail (pip) Apr 3, 2023

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows...
Moderate | Unreviewed | CVE-2023-1544 was published Mar 23, 2023

A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless...
Moderate | Unreviewed | CVE-2023-20067 was published Mar 23, 2023

x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple...
Moderate | Unreviewed | CVE-2022-42334 was published Mar 21, 2023

Denial of service in Jenkins Core
Moderate | CVE-2023-27900 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 10, 2023

An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End...
Moderate | Unreviewed | CVE-2023-24785 was published Feb 17, 2023

Uncontrolled Resource Consumption in golang.org/x/image
Moderate | CVE-2022-41727 was published for golang.org/x/image (Go) Feb 17, 2023

OCI image importer memory exhaustion in github.com/containerd/containerd
Moderate | CVE-2023-25153 was published for github.com/containerd/containerd (Go) Feb 16, 2023

In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource...
Moderate | Unreviewed | CVE-2022-20494 was published Jan 26, 2023

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and...
Moderate | Unreviewed | CVE-2023-20047 was published Jan 20, 2023

revel is vulnerable to resource exhaustion
Moderate | CVE-2020-36568 was published for github.com/revel/revel (Go) Dec 28, 2022

rdiffweb has no rate limit on resend email feature
Moderate | CVE-2022-4723 was published for rdiffweb (pip) Dec 27, 2022

A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All...
Moderate | Unreviewed | CVE-2022-41288 was published Dec 13, 2022

IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by...
Moderate | Unreviewed | CVE-2022-22488 was published Dec 12, 2022

golang.org/x/net/http2 vulnerable to possible excessive memory growth
Moderate | CVE-2022-41717 was published for golang.org/x/net (Go) Dec 8, 2022

Denial of service in Mattermost
Moderate | CVE-2022-4045 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022

Denial of service in Mattermost
Moderate | CVE-2022-4044 was published for github.com/mattermost/mattermost-server (Go) Nov 23, 2022

A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user...
Moderate | Unreviewed | CVE-2022-4019 was published Nov 23, 2022

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD)...
Moderate | Unreviewed | CVE-2022-20950 was published Nov 16, 2022
ProTip! Advisories are also available from the GraphQL API.