Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,317 advisories

Loading
OCI image importer memory exhaustion in github.com/containerd/containerd Moderate
CVE-2023-25153 was published for github.com/containerd/containerd (Go) Feb 16, 2023
AdamKorcz DavidKorczynski
In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource... High Unreviewed
CVE-2023-21339 was published Oct 30, 2023
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial... Unknown Unreviewed
CVE-2024-28214 was published Mar 7, 2024
Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the... Moderate Unreviewed
CVE-2024-23441 was published Jan 29, 2024
IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by... Moderate Unreviewed
CVE-2024-0430 was published Jan 22, 2024
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted... Moderate Unreviewed
CVE-2023-22819 was published Feb 6, 2024
An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service... High Unreviewed
CVE-2023-45955 was published Oct 31, 2023
Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at... Moderate Unreviewed
CVE-2023-46361 was published Oct 31, 2023
REXML DoS vulnerability Moderate
CVE-2024-41946 was published for rexml (RubyGems) Aug 2, 2024
naitoh
REXML DoS vulnerability Moderate
CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024
python-jose denial of service via compressed JWE content Moderate
CVE-2024-33664 was published for python-jose (pip) Apr 26, 2024
garyd203
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard... High Unreviewed
CVE-2024-7592 was published Aug 19, 2024
Missing connection timeout in Aardvark-dns High
CVE-2024-8418 was published for aardvark-dns (Rust) Sep 4, 2024
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column)... Moderate Unreviewed
CVE-2024-41434 was published Sep 3, 2024
IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a... Moderate Unreviewed
CVE-2023-45167 was published Nov 10, 2023
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5... Moderate Unreviewed
CVE-2024-1493 was published Jun 27, 2024
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. ... Moderate Unreviewed
CVE-2024-21126 was published Jul 17, 2024
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps... Critical Unreviewed
CVE-2024-44083 was published Aug 19, 2024
A possibility of unwanted server memory consumption was detected through the obsolete... Moderate Unreviewed
CVE-2023-6117 was published Nov 22, 2023
A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource... Moderate Unreviewed
CVE-2023-6910 was published Dec 20, 2023
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4... Moderate Unreviewed
CVE-2023-0382 was published Apr 5, 2023
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4... High Unreviewed
CVE-2023-0383 was published Apr 20, 2023
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4... High Unreviewed
CVE-2023-0384 was published Apr 20, 2023
latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption)... High Unreviewed
CVE-2023-50967 was published Mar 20, 2024
ProTip! Advisories are also available from the GraphQL API