GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
25 advisories
Excessive memory allocation
Moderate. CVE-2018-12541 was published for io.vertx:vertx-core (Maven) Oct 17, 2018

Uncontrolled Memory Allocation in Apache PDFBox
Moderate. CVE-2021-27906 was published for org.apache.pdfbox:pdfbox (Maven) May 13, 2021

Uncontrolled memory consumption
Moderate. CVE-2021-31811 was published for org.apache.pdfbox:pdfbox (Maven) Jun 15, 2021

Memory over-allocation in evm-core
Moderate. GHSA-773q-5334-5gf9 was published for evm-core (Rust) Aug 25, 2021

Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes
Moderate. CVE-2020-8551 was published for k8s.io/kubernetes (Go) Feb 15, 2022

Kubernetes API Server DoS Via API Requests
Moderate. CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated...
Moderate, Unreviewed. CVE-2022-20717 was published Apr 16, 2022

Symfony Denial of Service Via Long Password Hashing
Moderate. CVE-2013-5958 was published for symfony/polyfill (Composer) May 17, 2022

A vulnerability in the logging subsystem of Cisco Data Center Network Manager (DCNM) could...
Moderate, Unreviewed. CVE-2021-1283 was published May 24, 2022

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an...
Moderate, Unreviewed. CVE-2021-1568 was published May 24, 2022

docconv vulnerable to Memory Allocation with Excessive Size Value
Moderate. CVE-2022-4741 was published for code.sajari.com/docconv (Go) Dec 25, 2022

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for...
Moderate, Unreviewed. CVE-2023-20202 was published Sep 27, 2023

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that...
Moderate, Unreviewed. CVE-2023-0809 was published Oct 2, 2023

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of...
Moderate, Unreviewed. CVE-2023-5371 was published Oct 4, 2023

Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom...
Moderate, Unreviewed. CVE-2023-39203 was published Nov 15, 2023

A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code...
Moderate, Unreviewed. CVE-2024-2494 was published Mar 21, 2024

SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value
Moderate. CVE-2024-32035 was published for SixLabors.ImageSharp (NuGet) Apr 15, 2024

@grpc/grpc-js can allocate memory for incoming messages well above configured limits
Moderate. CVE-2024-37168 was published for @grpc/grpc-js (npm) Jun 10, 2024

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack...
Moderate, Unreviewed. CVE-2024-35116 was published Jun 29, 2024

SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder
Moderate. CVE-2024-41132 was published for SixLabors.ImageSharp (NuGet) Jul 22, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an...
Moderate, Unreviewed. CVE-2024-35152 was published Aug 14, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an...
Moderate, Unreviewed. CVE-2024-37529 was published Aug 14, 2024

IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to...
Moderate, Unreviewed. CVE-2024-40680 was published Sep 7, 2024

A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series...
Moderate, Unreviewed. CVE-2022-20845 was published Nov 15, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
Moderate, Unreviewed. CVE-2024-41761 was published Nov 23, 2024