Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

55 advisories

Loading
Windows Hyper-V Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-29064 was published Apr 9, 2024
Azure Private 5G Core Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-20685 was published Apr 9, 2024
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration... Moderate Unreviewed
CVE-2024-24976 was published Apr 3, 2024
Remotely exploitable denial of service in Rosenpass Moderate
CVE-2023-53157 was published for rosenpass (Rust) Dec 21, 2023
Out of memory error when submitting the dataset form with a specially-crafted field Moderate
CVE-2023-50248 was published for ckan (pip) Dec 13, 2023
thorge
Credited to thorge
Jetty accepts "+" prefixed value in Content-Length Moderate
CVE-2023-40167 was published for org.eclipse.jetty:jetty-http (Maven) Sep 14, 2023
mukeran chenjj
Credited to mukeran and chenjj
Improper handling of NTS cookie length that could crash the ntpd-rs server High
CVE-2023-33192 was published for ntpd (Rust) May 25, 2023
mlichvar
Credited to mlichvar
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length High
CVE-2022-24666 was published for github.com/apple/swift-nio-http2 (Swift) May 18, 2023
A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of... High Unreviewed
CVE-2022-36788 was published Apr 20, 2023
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol... High Unreviewed
CVE-2023-28964 was published Apr 18, 2023
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA... Moderate Unreviewed
CVE-2022-20686 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20690 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20689 was published Dec 12, 2022
The communication framework module has a vulnerability of not truncating data properly.Successful... High Unreviewed
CVE-2022-41586 was published Oct 14, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27861 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27862 was published Sep 28, 2022
rdiffweb's unlimited length email field can lead to DoS High
CVE-2022-3272 was published for rdiffweb (pip) Sep 27, 2022
rdiffweb's unlimited username field length can lead to DoS High
CVE-2022-3290 was published for rdiffweb (pip) Sep 27, 2022
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency High
CVE-2022-2714 was published for francoisjacquet/rosariosis (Composer) Sep 7, 2022
Improper handling of length parameter inconsistency vulnerability in Mitsubishi Electric FA... Critical Unreviewed
CVE-2021-20588 was published May 24, 2022
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point... Low Unreviewed
CVE-2020-16224 was published May 24, 2022
OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual... Critical Unreviewed
CVE-2021-38445 was published May 6, 2022
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the... High Unreviewed
CVE-2021-43666 was published Mar 25, 2022
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length High
GHSA-pv7r-9vjg-g3f9 was published for github.com/apple/swift-nio-http2 (Swift) Feb 11, 2022 withdrawn
Improper Handling of Length Parameter Inconsistency vulnerability in MELSEC iQ-R Series R00/01... High Unreviewed
CVE-2021-20610 was published Dec 2, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database