Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

443 advisories

Loading
A failure to free memory can occur when processing messages having a specific combination of EDNS... High Unreviewed
CVE-2018-5744 was published May 24, 2022
libpng 1.6.37 has memory leaks in png_malloc_warn and png_create_info_struct. Moderate Unreviewed
CVE-2019-17371 was published May 24, 2022
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls... High Unreviewed
CVE-2018-21028 was published May 24, 2022
A missing check on incoming client requests can be exploited to cause a situation where the Kea... Moderate Unreviewed
CVE-2019-6474 was published May 24, 2022
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption)... High Unreviewed
CVE-2019-18214 was published May 24, 2022
An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in... Moderate Unreviewed
CVE-2019-5023 was published May 24, 2022
A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does... Moderate Unreviewed
CVE-2019-20052 was published May 24, 2022
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces... Moderate Unreviewed
CVE-2019-20794 was published May 24, 2022
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3,... Moderate Unreviewed
CVE-2023-22302 was published Jul 6, 2023
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in... High Unreviewed
CVE-2024-35821 was published May 17, 2024
OpenVPN 2.6.10 and earlier in a server role accepts multiple exit notifications from... Unknown Unreviewed
CVE-2024-28882 was published Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing... Moderate Unreviewed
CVE-2021-47389 was published May 21, 2024
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and... High Unreviewed
CVE-2018-0158 was published May 13, 2022
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process,... High Unreviewed
CVE-2024-39562 was published Jul 11, 2024
Apache Answer: The link for resetting user password is not Single-Use Moderate
CVE-2024-41888 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
Apache Answer: The link to reset the user's password will remain valid after sending a new link Moderate
CVE-2024-41890 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a... Moderate Unreviewed
CVE-2018-1000036 was published May 13, 2022
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to... High Unreviewed
CVE-2023-36533 was published Aug 8, 2023
ProTip! Advisories are also available from the GraphQL API