Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,864
Maven
5,000+
npm
3,587
NuGet
636
pip
3,176
Pub
10
RubyGems
852
Rust
805
Swift
34
Unreviewed advisories
All unreviewed
5,000+

442 advisories

Apache Answer: The link for resetting user password is not Single-Use Moderate
CVE-2024-41888 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
Apache Answer: The link to reset the user's password will remain valid after sending a new link Moderate
CVE-2024-41890 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,... High Unreviewed
CVE-2024-39562 was published Jul 11, 2024
OpenVPN 2.6.10 and earlier in a server role accepts multiple exit notifications from... Unknown Unreviewed
CVE-2024-28882 was published Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing... Moderate Unreviewed
CVE-2021-47389 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in... High Unreviewed
CVE-2024-35821 was published May 17, 2024
Missing release of resource after effective lifetime (CWE-772) in the Controller 7000 resulted... Moderate Unreviewed
CVE-2024-22383 was published Mar 5, 2024
When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed... High Unreviewed
CVE-2024-21789 was published Feb 14, 2024
Etcd Gateway can include itself as an endpoint resulting in resource exhaustion High
CVE-2020-15114 was published for go.etcd.io/etcd (Go) Jan 31, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could... Moderate Unreviewed
CVE-2023-31274 was published Jan 18, 2024
in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through occupy all... Low Unreviewed
CVE-2023-47216 was published Jan 2, 2024
Traefik vulnerable to potential DDoS via ACME HTTPChallenge Moderate
CVE-2023-47124 was published for github.com/traefik/traefik/v2 (Go) Dec 5, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2023-20095 was published Nov 1, 2023
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free Moderate
CVE-2023-45814 was published for Bunkum (NuGet) Oct 19, 2023
jvyden
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3,... Moderate Unreviewed
CVE-2023-22302 was published Jul 6, 2023
In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an... Moderate Unreviewed
CVE-2023-22996 was published Feb 28, 2023
A vulnerability classified as problematic was found in vicamo NetworkManager. Affected by this... High Unreviewed
CVE-2014-125042 was published Jan 5, 2023
golang.org/x/text/language Denial of service via crafted Accept-Language header High
CVE-2022-32149 was published for golang.org/x/text (Go) Oct 14, 2022
rbeuque74
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability.... Moderate Unreviewed
CVE-2022-31222 was published Sep 13, 2022
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security... High Unreviewed
CVE-2022-40280 was published Sep 9, 2022
tifig v0.2.2 was discovered to contain a memory leak via operator new[](unsigned long) at /asan... Moderate Unreviewed
CVE-2022-36152 was published Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c. Moderate Unreviewed
CVE-2022-35110 was published Aug 17, 2022
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6).... Moderate Unreviewed
CVE-2021-33437 was published Jul 27, 2022
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF:... Moderate Unreviewed
CVE-2022-34503 was published Jul 23, 2022
A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable... Moderate Unreviewed
CVE-2022-22215 was published Jul 21, 2022
ProTip! Advisories are also available from the GraphQL API