GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,317 advisories
OCI image importer memory exhaustion in github.com/containerd/containerd
Moderate. CVE-2023-25153 was published for github.com/containerd/containerd (Go) Feb 16, 2023.

In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource...
High, Unreviewed. CVE-2023-21339 was published Oct 30, 2023.

regular expression denial-of-service (ReDoS) in Bleach
High. CVE-2020-6817 was published for bleach (pip) Mar 30, 2020.

nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial...
Unknown, Unreviewed. CVE-2024-28214 was published Mar 7, 2024.

Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the...
Moderate, Unreviewed. CVE-2024-23441 was published Jan 29, 2024.

IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by...
Moderate, Unreviewed. CVE-2024-0430 was published Jan 22, 2024.

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted...
Moderate, Unreviewed. CVE-2023-22819 was published Feb 6, 2024.

An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service...
High, Unreviewed. CVE-2023-45955 was published Oct 31, 2023.

Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at...
Moderate, Unreviewed. CVE-2023-46361 was published Oct 31, 2023.

python-jose denial of service via compressed JWE content
Moderate. CVE-2024-33664 was published for python-jose (pip) Apr 26, 2024.

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard...
High, Unreviewed. CVE-2024-7592 was published Aug 19, 2024.

Missing connection timeout in Aardvark-dns
High. CVE-2024-8418 was published for aardvark-dns (Rust) Sep 4, 2024.

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column)...
Moderate, Unreviewed. CVE-2024-41434 was published Sep 3, 2024.

IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a...
Moderate, Unreviewed. CVE-2023-45167 was published Nov 10, 2023.

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5...
Moderate, Unreviewed. CVE-2024-1493 was published Jun 27, 2024.

Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. ...
Moderate, Unreviewed. CVE-2024-21126 was published Jul 17, 2024.

ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps...
Critical, Unreviewed. CVE-2024-44083 was published Aug 19, 2024.

A possibility of unwanted server memory consumption was detected through the obsolete...
Moderate, Unreviewed. CVE-2023-6117 was published Nov 22, 2023.

A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource...
Moderate, Unreviewed. CVE-2023-6910 was published Dec 20, 2023.

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
Moderate, Unreviewed. CVE-2023-0382 was published Apr 5, 2023.

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
High, Unreviewed. CVE-2023-0383 was published Apr 20, 2023.

User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4...
High, Unreviewed. CVE-2023-0384 was published Apr 20, 2023.

latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption)...
High, Unreviewed. CVE-2023-50967 was published Mar 20, 2024.

ProTip! Advisories are also available from the GraphQL API.