Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,825
Erlang
29
GitHub Actions
16
Go
1,715
Maven
4,950
npm
3,479
NuGet
605
pip
3,009
Pub
10
RubyGems
830
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

24 advisories

Server receiving a malformed message that causes a disconnect to a hostname may causing a stack... High Unreviewed
CVE-2023-5393 was published Apr 11, 2024
Windows Hyper-V Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-29064 was published Apr 9, 2024
Azure Private 5G Core Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-20685 was published Apr 9, 2024
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration... Moderate Unreviewed
CVE-2024-24976 was published Apr 3, 2024
Out of memory error when submitting the dataset form with a specially-crafted field Moderate
CVE-2023-50248 was published for ckan (pip) Dec 13, 2023
thorge
Jetty accepts "+" prefixed value in Content-Length Moderate
CVE-2023-40167 was published for org.eclipse.jetty:jetty-http (Maven) Sep 14, 2023
mukeran chenjj
Improper handling of NTS cookie length that could crash the ntpd-rs server High
CVE-2023-33192 was published for ntpd (Rust) May 25, 2023
mlichvar
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length High
CVE-2022-24666 was published for github.com/apple/swift-nio-http2 (Swift) May 18, 2023
A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of... High Unreviewed
CVE-2022-36788 was published Apr 20, 2023
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol... High Unreviewed
CVE-2023-28964 was published Apr 18, 2023
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20689 was published Dec 12, 2022
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA... Moderate Unreviewed
CVE-2022-20686 was published Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series... High Unreviewed
CVE-2022-20690 was published Dec 12, 2022
rdiffweb's unlimited username field length can lead to DoS High
CVE-2022-3290 was published for rdiffweb (pip) Sep 27, 2022
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency High
CVE-2022-2714 was published for francoisjacquet/rosariosis (Composer) Sep 7, 2022
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point... Low Unreviewed
CVE-2020-16224 was published May 24, 2022
OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual... Critical Unreviewed
CVE-2021-38445 was published May 6, 2022
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length High
GHSA-pv7r-9vjg-g3f9 was published for github.com/apple/swift-nio-http2 (Swift) Feb 11, 2022 withdrawn
Improper Handling of Length Parameter Inconsistency vulnerability in MELSEC iQ-R Series R00/01... High Unreviewed
CVE-2021-20610 was published Dec 2, 2021
Improper Handling of Length Parameter Inconsistency in Apache Ant Moderate
CVE-2021-36374 was published for org.apache.ant:ant (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Apache Ant Moderate
CVE-2021-36373 was published for org.apache.ant:ant (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-36090 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35517 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35516 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
ProTip! Advisories are also available from the GraphQL API