Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

278 advisories

Loading
Apache Answer: The link to reset the user's password will remain valid after sending a new link Moderate
CVE-2024-41890 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
Apache Answer: The link for resetting user password is not Single-Use Moderate
CVE-2024-41888 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing... Moderate Unreviewed
CVE-2021-47389 was published May 21, 2024
Missing release of resource after effective lifetime (CWE-772) in the Controller 7000 resulted... Moderate Unreviewed
CVE-2024-22383 was published Mar 5, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could... Moderate Unreviewed
CVE-2023-31274 was published Jan 18, 2024
Traefik vulnerable to potential DDoS via ACME HTTPChallenge Moderate
CVE-2023-47124 was published for github.com/traefik/traefik/v2 (Go) Dec 5, 2023
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free Moderate
CVE-2023-45814 was published for Bunkum (NuGet) Oct 19, 2023
jvyden
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3,... Moderate Unreviewed
CVE-2023-22302 was published Jul 6, 2023
In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an... Moderate Unreviewed
CVE-2023-22996 was published Feb 28, 2023
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability.... Moderate Unreviewed
CVE-2022-31222 was published Sep 13, 2022
tifig v0.2.2 was discovered to contain a memory leak via operator new[](unsigned long) at /asan... Moderate Unreviewed
CVE-2022-36152 was published Aug 17, 2022
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c. Moderate Unreviewed
CVE-2022-35110 was published Aug 17, 2022
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6).... Moderate Unreviewed
CVE-2021-33437 was published Jul 27, 2022
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF:... Moderate Unreviewed
CVE-2022-34503 was published Jul 23, 2022
A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable... Moderate Unreviewed
CVE-2022-22215 was published Jul 21, 2022
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. Moderate Unreviewed
CVE-2019-16709 was published May 24, 2022
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in... Moderate Unreviewed
CVE-2019-16713 was published May 24, 2022
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated... Moderate Unreviewed
CVE-2019-16712 was published May 24, 2022
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in... Moderate Unreviewed
CVE-2019-16710 was published May 24, 2022
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. Moderate Unreviewed
CVE-2019-16708 was published May 24, 2022
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. Moderate Unreviewed
CVE-2019-16711 was published May 24, 2022
In broadband environments, including but not limited to Enhanced Subscriber Management, (CHAP,... Moderate Unreviewed
CVE-2021-31378 was published May 24, 2022
OpenStack Neutron Denial of Service vulnerability Moderate
CVE-2021-40797 was published for neutron (pip) May 24, 2022
Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object,... Moderate Unreviewed
CVE-2021-29982 was published May 24, 2022
Dell EMC NetWorker, 19.4 or older, contain an uncontrolled resource consumption flaw in its API... Moderate Unreviewed
CVE-2021-21600 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API