Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,897
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,181 advisories

Loading
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4436 was published May 8, 2024
Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests High
CVE-2024-34084 was published for github.com/stacklok/minder (Go) May 7, 2024
AdamKorcz DavidKorczynski
Remote denial of service vulnerability in LAN Messenger affecting version 3.4.0. This... High Unreviewed
CVE-2024-4599 was published May 7, 2024
go-ethereum vulnerable to DoS via malicious p2p message High
CVE-2024-32972 was published for github.com/ethereum/go-ethereum (Go) May 6, 2024
An issue was discovered in includes/specials/SpecialMovePage.php in MediaWiki before 1.39.7, 1.40... High Unreviewed
CVE-2024-34506 was published May 5, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34483 was published for ryu (pip) May 5, 2024
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-39477 was published May 3, 2024
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-27334 was published May 3, 2024
An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service... High Unreviewed
CVE-2023-50685 was published May 2, 2024
s3-url-parser vulnerable to Denial of Service via regexes component High
CVE-2024-25355 was published for s3-url-parser (npm) May 1, 2024
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property High
CVE-2024-32984 was published for yamux (Rust) May 1, 2024
jxs marten-seemann
AgeManning
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF... High Unreviewed
CVE-2024-26976 was published May 1, 2024
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for... High Unreviewed
CVE-2024-34045 was published Apr 30, 2024
An issue in Yonganda YAD-LOJ V3.0.561 allows a remote attacker to cause a denial of service via a... High Unreviewed
CVE-2024-32269 was published Apr 29, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability... High Unreviewed
CVE-2023-6596 was published Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
OpenStack Storlets arbitrary code execution vulnerability High
CVE-2024-28717 was published for storlets (pip) Apr 22, 2024
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when... High Unreviewed
CVE-2024-3569 was published Apr 10, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26215 was published Apr 9, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26212 was published Apr 9, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when... High Unreviewed
CVE-2024-26723 was published Apr 3, 2024
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack High
CVE-2024-22189 was published for github.com/quic-go/quic-go (Go) Apr 2, 2024
marten-seemann
IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to... High Unreviewed
CVE-2023-47150 was published Mar 26, 2024
ProTip! Advisories are also available from the GraphQL API