Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

283 advisories

Loading
Uncontrolled Resource Consumption in Matrix Synapse Moderate
CVE-2022-41952 was published for matrix-synapse (pip) Apr 1, 2022
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability.... Moderate Unreviewed
CVE-2022-31222 was published Sep 13, 2022
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3... Moderate Unreviewed
CVE-2018-17234 was published May 13, 2022
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10... Moderate Unreviewed
CVE-2018-17437 was published May 13, 2022
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free Moderate
CVE-2023-45814 was published for Bunkum (NuGet) Oct 19, 2023
jvyden
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could... Moderate Unreviewed
CVE-2023-31274 was published Jan 18, 2024
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log... Moderate Unreviewed
CVE-2022-26356 was published Apr 6, 2022
IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service (CPU... Moderate Unreviewed
CVE-2008-2122 was published May 1, 2022
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions,... Moderate Unreviewed
CVE-2007-0897 was published May 1, 2022
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows... Moderate Unreviewed
CVE-1999-1127 was published Apr 30, 2022
Missing release of resource after effective lifetime (CWE-772) in the Controller 7000 resulted... Moderate Unreviewed
CVE-2024-22383 was published Mar 5, 2024
vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad... Moderate Unreviewed
CVE-2020-8991 was published May 24, 2022
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were... Moderate Unreviewed
CVE-2011-1489 was published Apr 22, 2022
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are... Moderate Unreviewed
CVE-2011-1490 was published Apr 22, 2022
libpng 1.6.37 has memory leaks in png_malloc_warn and png_create_info_struct. Moderate Unreviewed
CVE-2019-17371 was published May 24, 2022
A missing check on incoming client requests can be exploited to cause a situation where the Kea... Moderate Unreviewed
CVE-2019-6474 was published May 24, 2022
An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in... Moderate Unreviewed
CVE-2019-5023 was published May 24, 2022
A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does... Moderate Unreviewed
CVE-2019-20052 was published May 24, 2022
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces... Moderate Unreviewed
CVE-2019-20794 was published May 24, 2022
In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3,... Moderate Unreviewed
CVE-2023-22302 was published Jul 6, 2023
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing... Moderate Unreviewed
CVE-2021-47389 was published May 21, 2024
Apache Answer: The link for resetting user password is not Single-Use Moderate
CVE-2024-41888 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
Apache Answer: The link to reset the user's password will remain valid after sending a new link Moderate
CVE-2024-41890 was published for github.com/apache/incubator-answer (Go) Aug 12, 2024
In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a... Moderate Unreviewed
CVE-2018-1000036 was published May 13, 2022
drivers/bluetooth/virtio_bt.c in the Linux kernel before 5.16.3 has a memory leak (socket buffers... Moderate Unreviewed
CVE-2022-26878 was published Mar 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database