Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

424 advisories

Loading
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the... High Unreviewed
CVE-2024-1737 was published Jul 23, 2024
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a ... High Unreviewed
CVE-2024-1975 was published Jul 23, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
A denial-of-service attack is possible through the execution functionality of KNIME Business Hub... High Unreviewed
CVE-2024-6598 was published Jul 9, 2024
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability High
CVE-2024-33862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jul 6, 2024
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An... High Unreviewed
CVE-2024-6427 was published Jul 3, 2024
Potential memory exhaustion attack due to sparse slice deserialization High
CVE-2024-37298 was published for github.com/gorilla/schema (Go) Jul 1, 2024
AlexVasiluta
Unlimited number of NTS-KE connections can crash ntpd-rs server High
CVE-2024-38528 was published for ntpd (Rust) Jun 28, 2024
mlichvar
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover... High Unreviewed
CVE-2024-34027 was published Jun 24, 2024
TYPO3 Denial of Service in Frontend Record Registration High
GHSA-g585-crjf-vhwq was published for typo3/cms (Composer) Jun 7, 2024
is_closing_session() allows users to create arbitrary tcp dbus connections High Unreviewed
CVE-2022-28655 was published Jun 5, 2024
Flooding Server with Thumbnail files High
CVE-2024-32871 was published for pimcore/pimcore (Composer) Jun 4, 2024
jheimbach dandanx
TYPO3 Denial of Service in Frontend Record Registration High
GHSA-hjx5-v9xg-7h25 was published for typo3/cms-core (Composer) May 30, 2024
rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter High
CVE-2024-35231 was published for rack-contrib (RubyGems) May 28, 2024
Sim4n6 ioquatix
An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can... High Unreviewed
CVE-2024-4140 was published May 2, 2024
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for... High Unreviewed
CVE-2024-34046 was published Apr 30, 2024
In lunary-ai/lunary version 1.0.0, an authorization flaw exists that allows unauthorized radar... High Unreviewed
CVE-2024-1666 was published Apr 16, 2024
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a... High Unreviewed
CVE-2024-3382 was published Apr 10, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
amphp/http-client Denial of Service via HTTP/2 CONTINUATION Frames High
GHSA-w8gf-g2vq-j2f4 was published for amphp/http-client (Composer) Apr 3, 2024
bartekn
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack High
CVE-2024-22189 was published for github.com/quic-go/quic-go (Go) Apr 2, 2024
marten-seemann
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1.... High Unreviewed
CVE-2023-43768 was published Mar 27, 2024
VSeeFace through 1.13.38.c2 allows attackers to cause a denial of service (application hang) via... High Unreviewed
CVE-2024-26577 was published Mar 27, 2024
In the Linux kernel, the following vulnerability has been resolved: net: lantiq: fix memory... High Unreviewed
CVE-2021-47137 was published Mar 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database