GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,387 advisories
Filter by severity
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL...
Moderate
Unreviewed
CVE-2024-11498
was published
Nov 25, 2024
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an...
Moderate
Unreviewed
CVE-2024-45420
was published
Nov 19, 2024
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue...
Moderate
Unreviewed
CVE-2023-39180
was published
Nov 18, 2024
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an...
High
Unreviewed
CVE-2023-20125
was published
Nov 15, 2024
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch...
High
Unreviewed
CVE-2024-48989
was published
Nov 13, 2024
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to...
High
Unreviewed
CVE-2024-9409
was published
Nov 13, 2024
Denial of Service attack on windows app using netty
High
CVE-2024-47535
was published
for
io.netty:netty-common
(Maven)
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46891
was published
Nov 12, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the...
High
Unreviewed
CVE-2024-10314
was published
Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the...
High
Unreviewed
CVE-2024-10344
was published
Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the...
High
Unreviewed
CVE-2024-10345
was published
Nov 11, 2024
wasm3 uncontrolled memory allocation vulnerability
Moderate
CVE-2024-27529
was published
for
github.com/shareup/wasm-interpreter-apple
(pip)
Nov 9, 2024
Undertow Denial of Service vulnerability
Moderate
CVE-2023-1973
was published
for
io.undertow:undertow-core
(Maven)
Nov 7, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7...
Moderate
Unreviewed
CVE-2024-10599
was published
Nov 1, 2024
Gnark out-of-memory during deserialization with crafted inputs
Moderate
CVE-2024-50354
was published
for
github.com/consensys/gnark
(Go)
Oct 31, 2024
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation...
Moderate
Unreviewed
CVE-2024-31152
was published
Oct 30, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ...
High
Unreviewed
CVE-2024-7807
was published
Oct 29, 2024
Werkzeug possible resource exhaustion when parsing file data in forms
Moderate
CVE-2024-49767
was published
for
quart
(pip)
Oct 25, 2024
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow...
Moderate
Unreviewed
CVE-2024-20526
was published
Oct 23, 2024
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco...
High
Unreviewed
CVE-2024-20351
was published
Oct 23, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to...
Moderate
Unreviewed
CVE-2024-50311
was published
Oct 22, 2024
Denial of service in http-proxy-middleware
High
CVE-2024-21536
was published
for
http-proxy-middleware
(npm)
Oct 19, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
Moderate
CVE-2024-25112
was published
for
exiv2
(pip)
Oct 17, 2024
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Moderate
CVE-2024-8184
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 14, 2024
ProTip!
Advisories are also available from the
GraphQL API