Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,248 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
OpenStack Storlets arbitrary code execution vulnerability High
CVE-2024-28717 was published for storlets (pip) Apr 22, 2024
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when... High Unreviewed
CVE-2024-3569 was published Apr 10, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26212 was published Apr 9, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26215 was published Apr 9, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when... High Unreviewed
CVE-2024-26723 was published Apr 3, 2024
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack High
CVE-2024-22189 was published for github.com/quic-go/quic-go (Go) Apr 2, 2024
marten-seemann
IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to... High Unreviewed
CVE-2023-47150 was published Mar 26, 2024
XNIO denial of service vulnerability High
CVE-2023-5685 was published for org.jboss.xnio:xnio-api (Maven) Mar 22, 2024
grosario1
latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption)... High Unreviewed
CVE-2023-50967 was published Mar 20, 2024
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
andrewpollock
An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads... High Unreviewed
CVE-2024-26369 was published Mar 19, 2024
tls-listener affected by the slow loris vulnerability with default configuration High
CVE-2024-28854 was published for tls-listener (Rust) Mar 15, 2024
conradludgate
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability High
CVE-2024-21392 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Mar 12, 2024
r3kumar TAINA-AntonyBingham
In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds... High Unreviewed
CVE-2023-52602 was published Mar 6, 2024
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an... High Unreviewed
CVE-2024-25269 was published Mar 5, 2024
phpseclib does not properly limit the ASN1 OID length High
CVE-2024-27355 was published for phpseclib/phpseclib (Composer) Mar 2, 2024
phpseclib a large prime can cause a denial of service High
CVE-2024-27354 was published for phpseclib/phpseclib (Composer) Mar 2, 2024
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS... High Unreviewed
CVE-2024-20321 was published Feb 29, 2024
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix... High Unreviewed
CVE-2021-47023 was published Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns... High Unreviewed
CVE-2021-47010 was published Feb 28, 2024
In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially crafted network payload can trigger... High Unreviewed
CVE-2024-25398 was published Feb 27, 2024
Connection leaking on idle timeout when TCP congested High
CVE-2024-22201 was published for org.eclipse.jetty.http2:http2-common (Maven) Feb 26, 2024
luffy1949
Undertow Uncontrolled Resource Consumption Vulnerability High
CVE-2024-1635 was published for io.undertow:undertow-core (Maven) Feb 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database