Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
Improper Validation of Specified Quantity in Input in Eclipse Hono High
CVE-2020-27217 was published for org.eclipse.hono:hono-core (Maven) Feb 10, 2022
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2023-22409 was published Jan 13, 2023
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),... High Unreviewed
CVE-2021-44693 was published Dec 13, 2022
IPFS go-bitfield vulnerable to DoS via malformed size arguments Moderate
CVE-2023-23626 was published for github.com/ipfs/go-bitfield (Go) Feb 10, 2023
Jorropo
Incomplete validation in `MaxPoolGrad` Moderate
CVE-2021-37674 was published for tensorflow (pip) Aug 25, 2021
Missing validation in shape inference for `Dequantize` Moderate
CVE-2021-37677 was published for tensorflow (pip) Aug 25, 2021
An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol... Moderate Unreviewed
CVE-2022-22166 was published Jan 20, 2022
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper... High Unreviewed
CVE-2021-44158 was published Jan 4, 2022
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap... High Unreviewed
CVE-2021-46158 was published Feb 10, 2022
NHI’s health insurance web service component has insufficient validation for input string length,... High Unreviewed
CVE-2021-45918 was published Jun 21, 2022
Dolibarr vulnerable to Improper Validation of Specified Quantity in Input Moderate
CVE-2022-0414 was published for dolibarr/dolibarr (Composer) Feb 1, 2022
Microweber vulnerable to Improper Validation of Specified Quantity in Input Moderate
CVE-2022-0596 was published for microweber/microweber (Composer) Feb 16, 2022
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling... High Unreviewed
CVE-2021-28510 was published Jan 26, 2023
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST... Critical Unreviewed
CVE-2021-21951 was published Dec 9, 2021
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel... Critical Unreviewed
CVE-2021-21960 was published Feb 10, 2022
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST... Critical Unreviewed
CVE-2021-21950 was published Dec 9, 2021
A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft... High Unreviewed
CVE-2021-21943 was published Apr 15, 2022
`tf.raw_ops.Mfcc` crashes Moderate
CVE-2022-41896 was published for tensorflow (pip) Nov 21, 2022
ToolJet is vulnerable to Denial of Service (DoS) Moderate
CVE-2022-4111 was published for tooljet (npm) Nov 22, 2022
aruneko
conduit-hyper vulnerable to Denial of Service from unchecked request length High
CVE-2022-39294 was published for conduit-hyper (Rust) Oct 31, 2022
Unauthenticated control plane denial of service attack in Istio High
CVE-2022-23635 was published for istio.io/istio (Go) Feb 23, 2022
AdamKorcz howardjohn
Logic error in dolibarr Moderate
CVE-2022-0174 was published for dolibarr/dolibarr (Composer) Jan 12, 2022
Missing validation causes denial of service via `Conv3DBackpropFilterV2` Moderate
CVE-2022-29196 was published for tensorflow (pip) May 24, 2022
Missing validation causes denial of service via `LSTMBlockCell` Moderate
CVE-2022-29200 was published for tensorflow (pip) May 24, 2022
Denial of service in `tf.ragged.constant` due to lack of validation Moderate
CVE-2022-29202 was published for tensorflow (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database