GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,055 advisories
Uncontrolled Resource Consumption in Apache Tika
Moderate. CVE-2020-1950 was published for org.apache.tika:tika (Maven) May 7, 2021
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via...
Moderate. Unreviewed. CVE-2022-25313 was published Feb 19, 2022
Uncontrolled resource consumption in the Intel(R) Support Android application before version 22...
Moderate. Unreviewed. CVE-2022-30691 was published Nov 11, 2022
An issue was discovered in Bento4 1.6.0-639. There is excessive memory consumption in...
Moderate. Unreviewed. CVE-2022-40736 was published Sep 16, 2022
Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An...
Moderate. Unreviewed. CVE-2020-7016 was published May 24, 2022
On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the...
Moderate. Unreviewed. CVE-2021-23053 was published May 24, 2022
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and...
Moderate. Unreviewed. CVE-2014-3407 was published May 17, 2022
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with...
Moderate. Unreviewed. CVE-2011-3348 was published May 13, 2022
A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to...
Moderate. Unreviewed. CVE-2020-8293 was published May 24, 2022
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00,...
Moderate. Unreviewed. CVE-2016-8780 was published May 17, 2022
ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP...
Moderate. Unreviewed. CVE-2022-23142 was published Jul 19, 2022
KubeEdge Edge ServiceBus module DoS
Moderate. CVE-2022-31073 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an...
Moderate. Unreviewed. CVE-2022-20808 was published Jul 7, 2022
The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28...
Moderate. Unreviewed. CVE-2017-9129 was published May 17, 2022
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled resource consumption...
Moderate. Unreviewed. CVE-2022-30792 was published Jul 12, 2022
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections...
Moderate. Unreviewed. CVE-2022-31803 was published Jun 25, 2022
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker...
Moderate. Unreviewed. CVE-2021-3479 was published May 24, 2022
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled resource consumption allows...
Moderate. Unreviewed. CVE-2022-30791 was published Jul 12, 2022
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an...
Moderate. Unreviewed. CVE-2017-0886 was published May 13, 2022
In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of...
Moderate. Unreviewed. CVE-2022-20425 was published Oct 12, 2022
KubeEdge Cloud AdmissionController component DoS
Moderate. CVE-2022-31074 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR...
Moderate. Unreviewed. CVE-2021-23215 was published May 24, 2022
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An...
Moderate. Unreviewed. CVE-2021-3478 was published May 24, 2022
The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red...
Moderate. Unreviewed. CVE-2016-6312 was published May 17, 2022
On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port...
Moderate. Unreviewed. CVE-2021-0257 was published May 24, 2022