GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,156
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,301 advisories
Filter by severity
Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePack
Moderate
CVE-2020-5234
was published
for
MessagePack
(NuGet)
Jan 31, 2020
Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer...
High
Unreviewed
CVE-2021-43982
was published
Dec 10, 2021
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All...
High
Unreviewed
CVE-2021-44432
was published
Dec 15, 2021
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER...
High
Unreviewed
CVE-2021-44165
was published
Dec 15, 2021
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a...
High
Unreviewed
CVE-2021-38413
was published
Dec 21, 2021
FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow...
High
Unreviewed
CVE-2021-43556
was published
Dec 29, 2021
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper...
High
Unreviewed
CVE-2021-44158
was published
Jan 4, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-34704
was published
Jan 12, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-1573
was published
Jan 12, 2022
My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP...
Critical
Unreviewed
CVE-2022-22989
was published
Jan 14, 2022
A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper...
High
Unreviewed
CVE-2022-22178
was published
Jan 20, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical
Unreviewed
CVE-2021-35004
was published
Jan 22, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
Critical
Unreviewed
CVE-2021-35003
was published
Jan 22, 2022
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap...
High
Unreviewed
CVE-2021-46158
was published
Feb 10, 2022
A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel...
Critical
Unreviewed
CVE-2021-21960
was published
Feb 10, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical
Unreviewed
CVE-2022-20708
was published
Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical
Unreviewed
CVE-2022-20701
was published
Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical
Unreviewed
CVE-2022-20699
was published
Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
High
Unreviewed
CVE-2022-20703
was published
Feb 11, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers...
Critical
Unreviewed
CVE-2022-20700
was published
Feb 11, 2022
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon...
High
Unreviewed
CVE-2022-23946
was published
Feb 12, 2022
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon...
High
Unreviewed
CVE-2022-23947
was published
Feb 12, 2022
Stack-based Buffer Overflow in Conda vim prior to 8.2.
High
Unreviewed
CVE-2022-0408
was published
Feb 12, 2022
Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled ...
Critical
Unreviewed
CVE-2021-43301
was published
Feb 17, 2022
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename'...
Critical
Unreviewed
CVE-2021-43299
was published
Feb 17, 2022
ProTip!
Advisories are also available from the
GraphQL API