Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,651
Erlang
34
GitHub Actions
26
Go
2,252
Maven
5,000+
npm
3,904
NuGet
702
pip
3,676
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

22,329 advisories

Loading
pg-native and libpq vulnerable to uncontrolled resource consumption High
CVE-2022-25852 was published for libpq (npm) Jun 18, 2022
joshbressers
Uncontrolled Resource Consumption in @discordjs/opus High
CVE-2022-25345 was published for @discordjs/opus (npm) Jun 18, 2022
DEVTomatoCake vladfrangu
Out-of-bounds Read in fast-string-search Moderate
CVE-2022-25872 was published for fast-string-search (npm) Jun 18, 2022
Prototype Pollution in querymen Moderate
CVE-2022-25871 was published for querymen (npm) Jun 18, 2022
Authentication bypass vulnerability in Apple Game Center auth adapter High
CVE-2022-31083 was published for parse-server (npm) Jun 17, 2022
yoshmidev
XSS Vulnerability in Markdown Editor High
GHSA-85q9-7467-r53q was published for inventree (pip) Jun 17, 2022
Gaurav-G2
brotkrueml/typo3-matomo-integration vulnerable to Cross-Site Scripting Moderate
CVE-2022-33156 was published for brotkrueml/typo3-matomo-integration (Composer) Jun 17, 2022
brotkrueml/schema fails to properly encode user input for output in HTML context, leading to XSS Moderate
CVE-2022-33154 was published for brotkrueml/schema (Composer) Jun 17, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29863 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29864 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29865 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29866 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Security Update for the OPC UA .NET Standard Stack High
CVE-2022-29862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Potential Sensitive Cookie Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy Moderate
CVE-2022-31070 was published for @finastra/nestjs-proxy (npm) Jun 17, 2022
kronoshadow
Potential Authorization Header Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy Moderate
CVE-2022-31069 was published for @finastra/nestjs-proxy (npm) Jun 17, 2022
kronoshadow
Insufficient Session Expiration in TYPO3's Admin Tool Moderate
CVE-2022-31050 was published for typo3/cms (Composer) Jun 17, 2022
waldhacker1 ohader
Cross-Site Scripting in TYPO3's Frontend Login Mailer Moderate
CVE-2022-31049 was published for typo3/cms (Composer) Jun 17, 2022
cseifert andreaskienast
Cross-Site Scripting in TYPO3's Form Framework Moderate
CVE-2022-31048 was published for typo3/cms (Composer) Jun 17, 2022
EcoGabe
Insertion of Sensitive Information into Log File in typo3/cms-core Moderate
CVE-2022-31047 was published for typo3/cms (Composer) Jun 17, 2022
mhuber84 derhansen
Information Disclosure via Export Module Moderate
CVE-2022-31046 was published for typo3/cms (Composer) Jun 17, 2022
linawolf derhansen
Rundeck's Key Storage converter plugin mechanism's encryption layer not working in 4.2.0, 4.2.1, 4.3.0 High
CVE-2022-31044 was published for org.rundeck:rundeck (Maven) Jun 17, 2022
Use After Free in Context::start_auth_session Moderate
GHSA-w3vw-ccc5-qr8v was published for tss-esapi (Rust) Jun 17, 2022
Formula Injection in Exported Data Moderate
GHSA-7rq4-qcpw-74gq was published for inventree (pip) Jun 17, 2022
saharshtapi
Unrestricted Attachment Upload High
CVE-2022-2111 was published for inventree (pip) Jun 17, 2022
saharshtapi
Insufficient HTML Sanitization High
GHSA-rm89-9g65-4ffr was published for inventree (pip) Jun 17, 2022
saharshtapi
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database