Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,747
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

153 advisories

Loading
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),... High Unreviewed
CVE-2021-44693 was published Dec 13, 2022
In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource... Moderate Unreviewed
CVE-2021-0934 was published Dec 13, 2022
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog... Moderate Unreviewed
CVE-2022-20688 was published Dec 12, 2022
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA... Moderate Unreviewed
CVE-2022-20686 was published Dec 12, 2022
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive... Moderate Unreviewed
CVE-2022-20691 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20689 was published Dec 12, 2022
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA... Moderate Unreviewed
CVE-2022-20687 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20690 was published Dec 12, 2022
ToolJet is vulnerable to Denial of Service (DoS) Moderate
CVE-2022-4111 was published for tooljet (npm) Nov 22, 2022
aruneko
`tf.raw_ops.Mfcc` crashes Moderate
CVE-2022-41896 was published for tensorflow (pip) Nov 21, 2022
Memory Corruption in modem due to improper length check while copying into memory in Snapdragon... Critical Unreviewed
CVE-2022-25727 was published Nov 15, 2022
Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and... Moderate Unreviewed
CVE-2022-26047 was published Nov 11, 2022
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of... Critical Unreviewed
CVE-2022-36938 was published Nov 11, 2022
conduit-hyper vulnerable to Denial of Service from unchecked request length High
CVE-2022-39294 was published for conduit-hyper (Rust) Oct 31, 2022
parse-server crashes when receiving file download request with invalid byte range High
CVE-2022-39313 was published for parse-server (npm) Oct 18, 2022
hej2010 tdunlap607
A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior... Moderate Unreviewed
CVE-2022-2592 was published Oct 17, 2022
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site... Moderate Unreviewed
CVE-2022-31629 was published Sep 29, 2022
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend` High
CVE-2022-36086 was published for linked_list_allocator (Rust) Sep 16, 2022
evanrichter
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP... High Unreviewed
CVE-2022-2277 was published Sep 15, 2022
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds... High Unreviewed
CVE-2022-2868 was published Aug 18, 2022
NHI’s health insurance web service component has insufficient validation for input string length,... High Unreviewed
CVE-2021-45918 was published Jun 21, 2022
Denial of service in `tf.ragged.constant` due to lack of validation Moderate
CVE-2022-29202 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LSTMBlockCell` Moderate
CVE-2022-29200 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2` Moderate
CVE-2022-29196 was published for tensorflow (pip) May 24, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... Critical Unreviewed
CVE-2021-31345 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database