GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,897
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,181 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
net: bridge: vlan: fix...
High
Unreviewed
CVE-2022-48748
was published
Jun 20, 2024
In the Linux kernel, the following vulnerability has been resolved:
wifi: carl9170: re-fix...
High
Unreviewed
CVE-2024-38616
was published
Jun 19, 2024
STRIMZI incorrect access control
High
CVE-2024-36543
was published
for
io.strimzi:strimzi
(Maven)
Jun 17, 2024
Due to unrestricted access to the Meta Model
Repository services in SAP NetWeaver AS Java,...
High
Unreviewed
CVE-2024-34688
was published
Jun 11, 2024
go-grpc-compression has a zstd decompression bombing vulnerability
High
GHSA-87m9-rv8p-rgmg
was published
for
github.com/mostynb/go-grpc-compression
(Go)
Jun 10, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the...
High
Unreviewed
CVE-2023-49224
was published
Jun 7, 2024
An issue in obgm and Libcoap v.a3ed466 allows a remote attacker to cause a denial of service via...
High
Unreviewed
CVE-2023-51847
was published
Jun 7, 2024
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when...
High
Unreviewed
CVE-2024-36743
was published
Jun 6, 2024
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service ...
High
Unreviewed
CVE-2024-33655
was published
Jun 6, 2024
Apport does not disable python crash handler before entering chroot
High
Unreviewed
CVE-2022-28657
was published
Jun 5, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary...
High
Unreviewed
CVE-2024-4148
was published
Jun 1, 2024
Soot Infinite Loop vulnerability
High
CVE-2023-46442
was published
for
org.soot-oss:soot
(Maven)
May 24, 2024
In the Linux kernel, the following vulnerability has been resolved:
enetc: Fix illegal access...
High
Unreviewed
CVE-2021-47368
was published
May 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
nexthop: Fix memory leaks in...
High
Unreviewed
CVE-2021-47371
was published
May 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
net: sched: fix memory leak...
High
Unreviewed
CVE-2021-47295
was published
May 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
cpufreq: CPPC: Fix potential...
High
Unreviewed
CVE-2021-47313
was published
May 21, 2024
An issue in taurusxin ncmdump v1.3.2 allows attackers to cause a Denial of Service (DoS) via...
High
Unreviewed
CVE-2024-34953
was published
May 20, 2024
In the Linux kernel, the following vulnerability has been resolved:
bcachefs: Check for journal...
High
Unreviewed
CVE-2024-35948
was published
May 20, 2024
In the Linux kernel, the following vulnerability has been resolved:
pipe: wakeup wr_wait after...
High
Unreviewed
CVE-2023-52672
was published
May 17, 2024
Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier....
High
Unreviewed
CVE-2024-5055
was published
May 17, 2024
Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The...
High
Unreviewed
CVE-2024-5052
was published
May 17, 2024
Uncontrolled resource consumption in braces
High
CVE-2024-4068
was published
for
braces
(npm)
May 14, 2024
An issue was discovered on certain Nuki Home Solutions devices. By sending a malformed HTTP verb,...
High
Unreviewed
CVE-2022-32508
was published
May 14, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4437
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4438
was published
May 8, 2024
ProTip!
Advisories are also available from the
GraphQL API