GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
209 advisories
Filter by severity
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against...
Moderate
Unreviewed
CVE-2020-10995
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the resource record-parsing...
Moderate
Unreviewed
CVE-2020-6071
was published
May 24, 2022
Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and...
High
Unreviewed
CVE-2021-27434
was published
May 24, 2022
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba...
Moderate
Unreviewed
CVE-2020-10704
was published
May 24, 2022
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because...
Moderate
Unreviewed
CVE-2019-18853
was published
May 24, 2022
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE...
Moderate
Unreviewed
CVE-2019-11779
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart...
High
Unreviewed
CVE-2018-4002
was published
May 24, 2022
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of...
Moderate
Unreviewed
CVE-2022-30974
was published
May 19, 2022
Apache ORC vulnerable to Uncontrolled Recursion
High
CVE-2018-8015
was published
for
org.apache.orc:orc
(Maven)
May 13, 2022
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match...
High
Unreviewed
CVE-2019-11413
was published
May 24, 2022
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37...
Moderate
Unreviewed
CVE-2022-28201
was published
Sep 20, 2022
Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to...
High
Unreviewed
CVE-2022-30630
was published
Aug 11, 2022
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an...
High
Unreviewed
CVE-2022-30633
was published
Aug 11, 2022
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow...
Moderate
Unreviewed
CVE-2022-1962
was published
Aug 11, 2022
Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an...
High
Unreviewed
CVE-2022-30632
was published
Aug 11, 2022
Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows...
High
Unreviewed
CVE-2022-30635
was published
Aug 11, 2022
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an...
High
Unreviewed
CVE-2022-30631
was published
Aug 11, 2022
Denial of Service in Elasticsearch
Moderate
CVE-2021-22144
was published
for
org.elasticsearch:elasticsearch
(Maven)
Aug 9, 2021
vm2 before 3.6.11 vulnerable to sandbox escape
High
CVE-2019-10761
was published
for
vm2
(npm)
Jul 14, 2022
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an...
Moderate
Unreviewed
CVE-2017-0886
was published
May 13, 2022
URL previews of unusual or maliciously-crafted pages can crash Synapse media repositories or Synapse monoliths
Moderate
CVE-2022-31052
was published
for
matrix-synapse
(pip)
Jun 29, 2022
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers...
Moderate
Unreviewed
CVE-2020-18898
was published
May 24, 2022
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call...
Moderate
Unreviewed
CVE-2021-39257
was published
May 24, 2022
Uncontrolled Recursion in Akka HTTP
High
CVE-2021-42697
was published
for
com.typesafe.akka:akka-http
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API