GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
100 advisories
Filter by severity
Improper Validation of Specified Quantity in Input in Eclipse Hono
High
CVE-2020-27217
was published
for
org.eclipse.hono:hono-core
(Maven)
Feb 10, 2022
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-22409
was published
Jan 13, 2023
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),...
High
Unreviewed
CVE-2021-44693
was published
Dec 13, 2022
IPFS go-bitfield vulnerable to DoS via malformed size arguments
Moderate
CVE-2023-23626
was published
for
github.com/ipfs/go-bitfield
(Go)
Feb 10, 2023
An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol...
Moderate
Unreviewed
CVE-2022-22166
was published
Jan 20, 2022
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper...
High
Unreviewed
CVE-2021-44158
was published
Jan 4, 2022
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap...
High
Unreviewed
CVE-2021-46158
was published
Feb 10, 2022
NHI’s health insurance web service component has insufficient validation for input string length,...
High
Unreviewed
CVE-2021-45918
was published
Jun 21, 2022
Dolibarr vulnerable to Improper Validation of Specified Quantity in Input
Moderate
CVE-2022-0414
was published
for
dolibarr/dolibarr
(Composer)
Feb 1, 2022
Microweber vulnerable to Improper Validation of Specified Quantity in Input
Moderate
CVE-2022-0596
was published
for
microweber/microweber
(Composer)
Feb 16, 2022
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling...
High
Unreviewed
CVE-2021-28510
was published
Jan 26, 2023
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical
Unreviewed
CVE-2021-21951
was published
Dec 9, 2021
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel...
Critical
Unreviewed
CVE-2021-21960
was published
Feb 10, 2022
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST...
Critical
Unreviewed
CVE-2021-21950
was published
Dec 9, 2021
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft...
High
Unreviewed
CVE-2021-21943
was published
Apr 15, 2022
ToolJet is vulnerable to Denial of Service (DoS)
Moderate
CVE-2022-4111
was published
for
tooljet
(npm)
Nov 22, 2022
conduit-hyper vulnerable to Denial of Service from unchecked request length
High
CVE-2022-39294
was published
for
conduit-hyper
(Rust)
Oct 31, 2022
Unauthenticated control plane denial of service attack in Istio
High
CVE-2022-23635
was published
for
istio.io/istio
(Go)
Feb 23, 2022
Logic error in dolibarr
Moderate
CVE-2022-0174
was published
for
dolibarr/dolibarr
(Composer)
Jan 12, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2`
Moderate
CVE-2022-29196
was published
for
tensorflow
(pip)
May 24, 2022
Missing validation causes denial of service via `LSTMBlockCell`
Moderate
CVE-2022-29200
was published
for
tensorflow
(pip)
May 24, 2022
Denial of service in `tf.ragged.constant` due to lack of validation
Moderate
CVE-2022-29202
was published
for
tensorflow
(pip)
May 24, 2022
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of...
Critical
Unreviewed
CVE-2022-36938
was published
Nov 11, 2022
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`
High
CVE-2022-36086
was published
for
linked_list_allocator
(Rust)
Sep 16, 2022
ProTip!
Advisories are also available from the
GraphQL API