Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,031 advisories

Loading
REXML DoS vulnerability Moderate
CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to... Moderate Unreviewed
CVE-2024-37281 was published Jul 31, 2024
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-27862 was published Jul 30, 2024
An issue in the Certificate Authenticated Session Establishment (CASE) protocol for establishing... Moderate Unreviewed
CVE-2024-3297 was published Jul 24, 2024
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources Moderate
GHSA-mmwx-rj87-vfgr was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov amita-seal
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. ... Moderate Unreviewed
CVE-2024-21126 was published Jul 17, 2024
REXML denial of service vulnerability Moderate
CVE-2024-39908 was published for rexml (RubyGems) Jul 16, 2024
A flaw was found in libtiff. This flaw allows an attacker to create a crafted tiff file, forcing... Moderate Unreviewed
CVE-2024-6716 was published Jul 15, 2024
A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function... Moderate Unreviewed
CVE-2023-39329 was published Jul 13, 2024
A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a... Moderate Unreviewed
CVE-2023-39327 was published Jul 13, 2024
Windows Line Printer Daemon Service Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-38027 was published Jul 9, 2024
Windows iSCSI Service Denial of Service Vulnerability Moderate Unreviewed
CVE-2024-35270 was published Jul 9, 2024
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to... Moderate Unreviewed
CVE-2023-39328 was published Jul 9, 2024
zipp Denial of Service vulnerability Moderate
CVE-2024-5569 was published for zipp (pip) Jul 9, 2024
Directus GraphQL Field Duplication Denial of Service (DoS) Moderate
CVE-2024-39895 was published for @directus/env (npm) Jul 8, 2024
asantof
Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to... Moderate Unreviewed
CVE-2024-22104 was published Jul 2, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5... Moderate Unreviewed
CVE-2024-1493 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11... Moderate Unreviewed
CVE-2024-1816 was published Jun 27, 2024
Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all... Moderate Unreviewed
CVE-2024-4557 was published Jun 27, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The... Moderate Unreviewed
CVE-2024-33881 was published Jun 24, 2024
Improper line feed handling in zenml Moderate
CVE-2024-4460 was published for zenml (pip) Jun 24, 2024
A high-privileged user, allowed to create custom osquery packs 17 could affect the availability... Moderate Unreviewed
CVE-2024-23443 was published Jun 19, 2024
An uncontrolled resource consumption vulnerability exists in the `upload-link` endpoint of... Moderate Unreviewed
CVE-2024-5208 was published Jun 19, 2024
Minder affected by denial of service from maliciously configured Git repository Moderate
CVE-2024-37904 was published for github.com/stacklok/minder (Go) Jun 18, 2024
AdamKorcz DavidKorczynski
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to... Moderate Unreviewed
CVE-2024-1495 was published Jun 13, 2024
ProTip! Advisories are also available from the GraphQL API