GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,181 advisories
An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway)...
High | Unreviewed | CVE-2024-39551 was published | Jul 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create...
High | Unreviewed | CVE-2024-6037 was published | Jul 11, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the...
High | Unreviewed | CVE-2024-6036 was published | Jul 11, 2024
An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon ...
High | Unreviewed | CVE-2024-39557 was published | Jul 11, 2024
Next.js Denial of Service (DoS) condition
High | CVE-2024-39693 was published for next (npm) | Jul 10, 2024
speaker vulnerable to Denial of Service
High | CVE-2024-21526 was published for speaker (npm) | Jul 10, 2024
images vulnerable to Denial of Service
High | CVE-2024-21523 was published for images (npm) | Jul 10, 2024
A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with...
High | Unreviewed | CVE-2024-29153 was published | Jul 9, 2024
Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability
High | CVE-2024-30105 was published for System.Text.Json (NuGet) | Jul 9, 2024
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
High | Unreviewed | CVE-2024-38067 was published | Jul 9, 2024
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
High | Unreviewed | CVE-2024-38068 was published | Jul 9, 2024
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
High | Unreviewed | CVE-2024-38031 was published | Jul 9, 2024
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
High | Unreviewed | CVE-2024-38015 was published | Jul 9, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of...
High | Unreviewed | CVE-2024-39479 was published | Jul 5, 2024
Apache Tomcat - Denial of Service
High | CVE-2024-34750 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) | Jul 3, 2024
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An...
High | Unreviewed | CVE-2024-6427 was published | Jul 3, 2024
A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted...
High | Unreviewed | CVE-2024-4467 was published | Jul 2, 2024
A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing...
High | Unreviewed | CVE-2024-6090 was published | Jun 27, 2024
h2o vulnerable to unexpected POST request shutting down server
High | CVE-2024-5979 was published for h2o (pip) | Jun 27, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service ...
High | Unreviewed | CVE-2024-5013 was published | Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption...
High | Unreviewed | CVE-2024-5011 was published | Jun 25, 2024
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop...
High | Unreviewed | CVE-2021-4440 was published | Jun 25, 2024
A vulnerability in mintplex-labs/anything-llm allows for a Denial of Service (DoS) condition due...
High | Unreviewed | CVE-2024-5216 was published | Jun 25, 2024
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list...
High | Unreviewed | CVE-2024-38384 was published | Jun 24, 2024
Undertow's url-encoded request path information can be broken on ajp-listener
High | CVE-2024-6162 was published for io.undertow:undertow-core (Maven) | Jun 20, 2024
ProTip! Advisories are also available from the GraphQL API.