Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,946
Erlang
29
GitHub Actions
16
Go
1,734
Maven
4,963
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+

878 advisories

Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePack Moderate
CVE-2020-5234 was published for MessagePack (NuGet) Jan 31, 2020
Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer... High Unreviewed
CVE-2021-43982 was published Dec 10, 2021
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All... High Unreviewed
CVE-2021-44432 was published Dec 15, 2021
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER... High Unreviewed
CVE-2021-44165 was published Dec 15, 2021
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a... High Unreviewed
CVE-2021-38413 was published Dec 21, 2021
FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow... High Unreviewed
CVE-2021-43556 was published Dec 29, 2021
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper... High Unreviewed
CVE-2021-44158 was published Jan 4, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software... High Unreviewed
CVE-2021-1573 was published Jan 12, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software... High Unreviewed
CVE-2021-34704 was published Jan 12, 2022
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP... Critical Unreviewed
CVE-2022-22989 was published Jan 14, 2022
A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper... High Unreviewed
CVE-2022-22178 was published Jan 20, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2021-35004 was published Jan 22, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2021-35003 was published Jan 22, 2022
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap... High Unreviewed
CVE-2021-46158 was published Feb 10, 2022
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel... Critical Unreviewed
CVE-2021-21960 was published Feb 10, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20708 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20699 was published Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... High Unreviewed
CVE-2022-20703 was published Feb 11, 2022
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon... High Unreviewed
CVE-2022-23946 was published Feb 12, 2022
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon... High Unreviewed
CVE-2022-23947 was published Feb 12, 2022
Stack-based Buffer Overflow in Conda vim prior to 8.2. High Unreviewed
CVE-2022-0408 was published Feb 12, 2022
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled ... Critical Unreviewed
CVE-2021-43301 was published Feb 17, 2022
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename'... Critical Unreviewed
CVE-2021-43299 was published Feb 17, 2022
Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename'... Critical Unreviewed
CVE-2021-43300 was published Feb 17, 2022
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon... High Unreviewed
CVE-2022-23804 was published Feb 17, 2022
ProTip! Advisories are also available from the GraphQL API