Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

83 advisories

Loading
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... Critical Unreviewed
CVE-2021-31345 was published May 24, 2022
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC)... Critical Unreviewed
CVE-2021-31346 was published May 24, 2022
Improper Validation of Specified Quantity in Input in Eclipse Hono High
CVE-2020-27217 was published for org.eclipse.hono:hono-core (Maven) Feb 10, 2022
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2023-22409 was published Jan 13, 2023
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),... High Unreviewed
CVE-2021-44693 was published Dec 13, 2022
IPFS go-bitfield vulnerable to DoS via malformed size arguments Moderate
CVE-2023-23626 was published for github.com/ipfs/go-bitfield (Go) Feb 10, 2023
Jorropo
Incomplete validation in `MaxPoolGrad` Moderate
CVE-2021-37674 was published for tensorflow (pip) Aug 25, 2021
Missing validation in shape inference for `Dequantize` Moderate
CVE-2021-37677 was published for tensorflow (pip) Aug 25, 2021
An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol... Moderate Unreviewed
CVE-2022-22166 was published Jan 20, 2022
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper... High Unreviewed
CVE-2021-44158 was published Jan 4, 2022
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap... High Unreviewed
CVE-2021-46158 was published Feb 10, 2022
NHI’s health insurance web service component has insufficient validation for input string length,... High Unreviewed
CVE-2021-45918 was published Jun 21, 2022
Dolibarr vulnerable to Improper Validation of Specified Quantity in Input Moderate
CVE-2022-0414 was published for dolibarr/dolibarr (Composer) Feb 1, 2022
Microweber vulnerable to Improper Validation of Specified Quantity in Input Moderate
CVE-2022-0596 was published for microweber/microweber (Composer) Feb 16, 2022
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling... High Unreviewed
CVE-2021-28510 was published Jan 26, 2023
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel... Critical Unreviewed
CVE-2021-21960 was published Feb 10, 2022
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST... Critical Unreviewed
CVE-2021-21951 was published Dec 9, 2021
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST... Critical Unreviewed
CVE-2021-21950 was published Dec 9, 2021
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft... High Unreviewed
CVE-2021-21943 was published Apr 15, 2022
`tf.raw_ops.Mfcc` crashes Moderate
CVE-2022-41896 was published for tensorflow (pip) Nov 21, 2022
ToolJet is vulnerable to Denial of Service (DoS) Moderate
CVE-2022-4111 was published for tooljet (npm) Nov 22, 2022
aruneko
conduit-hyper vulnerable to Denial of Service from unchecked request length High
CVE-2022-39294 was published for conduit-hyper (Rust) Oct 31, 2022
Abort caused by allocating a vector that is too large in Tensorflow Moderate
CVE-2022-23580 was published for tensorflow (pip) Feb 7, 2022
Unauthenticated control plane denial of service attack in Istio High
CVE-2022-23635 was published for istio.io/istio (Go) Feb 23, 2022
AdamKorcz howardjohn
Transaction validity oversight in pallet-ethereum Moderate
CVE-2021-39193 was published for frontier (Rust) Sep 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database