GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (all reviewed: 5,000+): Composer 4,272; Erlang 31; GitHub Actions 21; Go 2,047; Maven 5,000+; npm 3,739; NuGet 668; pip 3,415; Pub 12; RubyGems 891; Rust 868; Swift 36
Unreviewed advisories (all unreviewed: 5,000+)
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
284 advisories
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that...
Moderate
Unreviewed
CVE-2023-0809
was published
Oct 2, 2023
When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in...
Moderate
Unreviewed
CVE-2023-4578
was published
Sep 11, 2023
An improper resource allocation vulnerability exists in the OAS Engine configuration management...
Moderate
Unreviewed
CVE-2023-34994
was published
Sep 5, 2023
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability...
Moderate
Unreviewed
CVE-2022-48064
was published
Aug 22, 2023
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35...
Moderate
Unreviewed
CVE-2023-38532
was published
Aug 8, 2023
In some circumstances, a stale value could have been used for a global variable in WASM JIT...
Moderate
Unreviewed
CVE-2023-4046
was published
Aug 1, 2023
A missing allocation check in sftp server processing read requests may cause a NULL dereference...
Moderate
Unreviewed
CVE-2023-3603
was published
Jul 21, 2023
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An...
Moderate
Unreviewed
CVE-2023-32481
was published
Jul 20, 2023
JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and...
Moderate
Unreviewed
CVE-2023-29449
was published
Jul 13, 2023
In list_key_entries of utils.rs, there is a possible way to disable user credentials due to...
Moderate
Unreviewed
CVE-2023-21176
was published
Jun 28, 2023
A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS...
Moderate
Unreviewed
CVE-2023-32385
was published
Jun 23, 2023
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface...
Moderate
Unreviewed
CVE-2023-30903
was published
Jun 16, 2023
A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11...
Moderate
Unreviewed
CVE-2023-0921
was published
Jun 6, 2023
A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file...
Moderate
Unreviewed
CVE-2023-33656
was published
May 30, 2023
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component.
Moderate
Unreviewed
CVE-2023-29575
was published
Apr 21, 2023
An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep...
Moderate
Unreviewed
CVE-2023-28968
was published
Apr 18, 2023
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component.
Moderate
Unreviewed
CVE-2023-29573
was published
Apr 13, 2023
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
Moderate
Unreviewed
CVE-2023-0382
was published
Apr 5, 2023
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows...
Moderate
Unreviewed
CVE-2023-1544
was published
Mar 23, 2023
A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless...
Moderate
Unreviewed
CVE-2023-20067
was published
Mar 23, 2023
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple...
Moderate
Unreviewed
CVE-2022-42334
was published
Mar 21, 2023
An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End...
Moderate
Unreviewed
CVE-2023-24785
was published
Feb 17, 2023
In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource...
Moderate
Unreviewed
CVE-2022-20494
was published
Jan 26, 2023
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and...
Moderate
Unreviewed
CVE-2023-20047
was published
Jan 20, 2023
A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All...
Moderate
Unreviewed
CVE-2022-41288
was published
Dec 13, 2022
ProTip! Advisories are also available from the GraphQL API.