GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,897
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,181 advisories
Filter by severity
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4436
was published
May 8, 2024
Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests
High
CVE-2024-34084
was published
for
github.com/stacklok/minder
(Go)
May 7, 2024
Remote denial of service vulnerability in LAN Messenger affecting version 3.4.0. This...
High
Unreviewed
CVE-2024-4599
was published
May 7, 2024
go-ethereum vulnerable to DoS via malicious p2p message
High
CVE-2024-32972
was published
for
github.com/ethereum/go-ethereum
(Go)
May 6, 2024
An issue was discovered in includes/specials/SpecialMovePage.php in MediaWiki before 1.39.7, 1.40...
High
Unreviewed
CVE-2024-34506
was published
May 5, 2024
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service...
High
Unreviewed
CVE-2023-39477
was published
May 3, 2024
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service...
High
Unreviewed
CVE-2023-27334
was published
May 3, 2024
An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service...
High
Unreviewed
CVE-2023-50685
was published
May 2, 2024
s3-url-parser vulnerable to Denial of Service via regexes component
High
CVE-2024-25355
was published
for
s3-url-parser
(npm)
May 1, 2024
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property
High
CVE-2024-32984
was published
for
yamux
(Rust)
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
KVM: Always flush async #PF...
High
Unreviewed
CVE-2024-26976
was published
May 1, 2024
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for...
High
Unreviewed
CVE-2024-34045
was published
Apr 30, 2024
An issue in Yonganda YAD-LOJ V3.0.561 allows a remote attacker to cause a denial of service via a...
High
Unreviewed
CVE-2024-32269
was published
Apr 29, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ...
High
Unreviewed
CVE-2024-4056
was published
Apr 26, 2024
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability...
High
Unreviewed
CVE-2023-6596
was published
Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16...
High
Unreviewed
CVE-2024-2829
was published
Apr 25, 2024
OpenStack Storlets arbitrary code execution vulnerability
High
CVE-2024-28717
was published
for
storlets
(pip)
Apr 22, 2024
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when...
High
Unreviewed
CVE-2024-3569
was published
Apr 10, 2024
DHCP Server Service Denial of Service Vulnerability
High
Unreviewed
CVE-2024-26215
was published
Apr 9, 2024
DHCP Server Service Denial of Service Vulnerability
High
Unreviewed
CVE-2024-26212
was published
Apr 9, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to...
High
Unreviewed
CVE-2024-27316
was published
Apr 4, 2024
In the Linux kernel, the following vulnerability has been resolved:
lan966x: Fix crash when...
High
Unreviewed
CVE-2024-26723
was published
Apr 3, 2024
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack
High
CVE-2024-22189
was published
for
github.com/quic-go/quic-go
(Go)
Apr 2, 2024
IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to...
High
Unreviewed
CVE-2023-47150
was published
Mar 26, 2024
ProTip!
Advisories are also available from the
GraphQL API