GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,595 advisories
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.
Moderate | Unreviewed | CVE-2019-20176 was published May 24, 2022
Plex Media Server 1.21 and before is vulnerable to a DDoS reflection attack via the Plex service.
High | Unreviewed | CVE-2021-33959 was published Jan 18, 2023
CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to...
High | Unreviewed | CVE-2022-22145 was published Mar 12, 2022
In Package Manager, there is a possible permanent denial of service due to resource exhaustion....
Moderate | Unreviewed | CVE-2021-39624 was published Mar 17, 2022
A denial of service vulnerability exists in the netserver recv_command functionality of reolink...
High | Unreviewed | CVE-2022-21801 was published Jan 29, 2022
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in...
Moderate | Unreviewed | CVE-2022-22588 was published Mar 19, 2022
In Cloud Foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer...
Moderate | Unreviewed | CVE-2021-22100 was published Mar 26, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10....
Moderate | Unreviewed | CVE-2022-0488 was published Mar 29, 2022
There is a Resource Management Errors vulnerability in Huawei Smartphone. Successful exploitation...
High | Unreviewed | CVE-2021-37068 was published Dec 8, 2021
In getOffsetBeforeAfter of TextLine.java, there is a possible denial of service due to resource...
Moderate | Unreviewed | CVE-2021-0993 was published Dec 16, 2021
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14...
Moderate | Unreviewed | CVE-2021-39932 was published Dec 14, 2021
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service,...
High | Unreviewed | CVE-2021-38951 was published Dec 10, 2021
Unauthenticated users can access sensitive web URLs through a GET request, which should be...
Moderate | Unreviewed | CVE-2021-32503 was published Apr 3, 2022
A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7...
Moderate | Unreviewed | CVE-2022-1185 was published Apr 5, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15. It was...
Moderate | Unreviewed | CVE-2022-0489 was published Apr 3, 2022
TOTOLINK EX300_v2, ver V4.0.3c.140_B20210429 and A720R, ver V4.1.5cu.470_B20200911 have an issue...
Moderate | Unreviewed | CVE-2021-43662 was published Apr 1, 2022
A potential DoS vulnerability was discovered in GitLab CE/EE versions 13.7 before 14.7.7, all...
High | Unreviewed | CVE-2022-1174 was published Apr 5, 2022
Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14...
Moderate | Unreviewed | CVE-2022-1099 was published Apr 5, 2022
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request...
Moderate | Unreviewed | CVE-2022-37311 was published Dec 26, 2022
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body...
Moderate | Unreviewed | CVE-2022-37312 was published Dec 26, 2022
In libming 0.4.8, a memory exhaustion vulnerability exists in the function cws2fws in util/main.c....
Moderate | Unreviewed | CVE-2021-44590 was published Jan 7, 2022
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions <...
High | Unreviewed | CVE-2022-27194 was published Apr 13, 2022
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause...
High | Unreviewed | CVE-2022-21155 was published Apr 13, 2022
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in...
Moderate | Unreviewed | CVE-2022-22191 was published Apr 15, 2022
A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low...
Moderate | Unreviewed | CVE-2022-20692 was published Apr 16, 2022
ProTip! Advisories are also available from the GraphQL API.