GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
35 advisories
Filter by severity
Improper Handling of Length Parameter Inconsistency in Compress
High
CVE-2021-35516
was published
for
org.apache.commons:commons-compress
(Maven)
Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress
High
CVE-2021-35517
was published
for
org.apache.commons:commons-compress
(Maven)
Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress
High
CVE-2021-36090
was published
for
org.apache.commons:commons-compress
(Maven)
Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Apache Ant
Moderate
CVE-2021-36373
was published
for
org.apache.ant:ant
(Maven)
Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Apache Ant
Moderate
CVE-2021-36374
was published
for
org.apache.ant:ant
(Maven)
Aug 2, 2021
Improper Handling of Length Parameter Inconsistency vulnerability in MELSEC iQ-R Series R00/01...
High
Unreviewed
CVE-2021-20610
was published
Dec 2, 2021
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High
GHSA-pv7r-9vjg-g3f9
was published
for
github.com/apple/swift-nio-http2
(Swift)
Feb 11, 2022
•
withdrawn
OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual...
Critical
Unreviewed
CVE-2021-38445
was published
May 6, 2022
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point...
Low
Unreviewed
CVE-2020-16224
was published
May 24, 2022
RosarioSIS before 10.1 vulnerable to Improper Handling of Length Parameter Inconsistency
High
CVE-2022-2714
was published
for
francoisjacquet/rosariosis
(Composer)
Sep 7, 2022
rdiffweb's unlimited username field length can lead to DoS
High
CVE-2022-3290
was published
for
rdiffweb
(pip)
Sep 27, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20690
was published
Dec 12, 2022
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series...
High
Unreviewed
CVE-2022-20689
was published
Dec 12, 2022
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA...
Moderate
Unreviewed
CVE-2022-20686
was published
Dec 12, 2022
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol...
High
Unreviewed
CVE-2023-28964
was published
Apr 18, 2023
A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of...
High
Unreviewed
CVE-2022-36788
was published
Apr 20, 2023
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High
CVE-2022-24666
was published
for
github.com/apple/swift-nio-http2
(Swift)
May 18, 2023
Improper handling of NTS cookie length that could crash the ntpd-rs server
High
CVE-2023-33192
was published
for
ntpd
(Rust)
May 25, 2023
Jetty accepts "+" prefixed value in Content-Length
Moderate
CVE-2023-40167
was published
for
org.eclipse.jetty:jetty-http
(Maven)
Sep 14, 2023
Out of memory error when submitting the dataset form with a specially-crafted field
Moderate
CVE-2023-50248
was published
for
ckan
(pip)
Dec 13, 2023
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration...
Moderate
Unreviewed
CVE-2024-24976
was published
Apr 3, 2024
Azure Private 5G Core Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-20685
was published
Apr 9, 2024
Windows Hyper-V Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-29064
was published
Apr 9, 2024
Server receiving a malformed message that causes a disconnect to a hostname may causing a stack...
High
Unreviewed
CVE-2023-5393
was published
Apr 11, 2024
Secure Boot Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-37988
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API