Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

42 advisories

Loading
Excessive memory allocation Moderate
CVE-2018-12541 was published for io.vertx:vertx-core (Maven) Oct 17, 2018
tdunlap607
Uncontrolled Memory Allocation in Apache PDFBox Moderate
CVE-2021-27906 was published for org.apache.pdfbox:pdfbox (Maven) May 13, 2021
Denial of service in Tendermint Low
CVE-2020-5303 was published for github.com/tendermint/tendermint (Go) May 27, 2021
Uncontrolled memory consumption Moderate
CVE-2021-31811 was published for org.apache.pdfbox:pdfbox (Maven) Jun 15, 2021
Memory over-allocation in evm-core Moderate
GHSA-773q-5334-5gf9 was published for evm-core (Rust) Aug 25, 2021
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-34869 was published Jan 26, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-34868 was published Jan 26, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-34867 was published Jan 26, 2022
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes Moderate
CVE-2020-8551 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Kubernetes API Server DoS Via API Requests Moderate
CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022
skitt marquiz
toddtreece
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in WEKA INTEREST Security Scanner... High Unreviewed
CVE-2017-20016 was published Mar 29, 2022
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager,... High Unreviewed
CVE-2022-28773 was published Apr 13, 2022
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated... Moderate Unreviewed
CVE-2022-20717 was published Apr 16, 2022
Symfony Denial of Service Via Long Password Hashing Moderate
CVE-2013-5958 was published for symfony/polyfill (Composer) May 17, 2022
A vulnerability in the logging subsystem of Cisco Data Center Network Manager (DCNM) could... Moderate Unreviewed
CVE-2021-1283 was published May 24, 2022
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an... Moderate Unreviewed
CVE-2021-1568 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-34854 was published May 24, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29863 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected... High Unreviewed
CVE-2022-31804 was published Jun 25, 2022
Binary vulnerable to Slice Memory Allocation with Excessive Size Value High
CVE-2022-36078 was published for github.com/gagliardetto/binary (Go) Sep 16, 2022
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service High
CVE-2022-34917 was published for org.apache.kafka:kafka (Maven) Sep 21, 2022
jkmartindale
docconv vulnerable to Memory Allocation with Excessive Size Value Moderate
CVE-2022-4741 was published for code.sajari.com/docconv (Go) Dec 25, 2022
vyper vulnerable to storage allocator overflow High
CVE-2023-30837 was published for vyper (pip) May 5, 2023
ToonVanHove trocher
A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM ... High Unreviewed
CVE-2023-20108 was published Jun 28, 2023
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
ProTip! Advisories are also available from the GraphQL API