GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,031 advisories
Filter by severity
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R...
Moderate
Unreviewed
CVE-2024-21823
was published
May 16, 2024
Denial of service of Minder Server with attacker-controlled REST endpoint
Moderate
CVE-2024-35185
was published
for
github.com/stacklok/minder
(Go)
May 16, 2024
REXML contains a denial of service vulnerability
Moderate
CVE-2024-35176
was published
for
rexml
(RubyGems)
May 16, 2024
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount...
Moderate
Unreviewed
CVE-2023-7258
was published
May 15, 2024
TYPO3 vulnerable to an Uncontrolled Resource Consumption in the ShowImageController
Moderate
CVE-2024-34358
was published
for
typo3/cms-core
(Composer)
May 14, 2024
DHCP Server Service Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-30019
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-33498
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to...
Moderate
Unreviewed
CVE-2024-4539
was published
May 14, 2024
Uncontrolled resource consumption vulnerability in White Bear Solutions WBSAirback, version 21.02...
Moderate
Unreviewed
CVE-2024-3789
was published
May 14, 2024
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via...
Moderate
Unreviewed
CVE-2024-33774
was published
May 14, 2024
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
Moderate
CVE-2024-29857
was published
for
BouncyCastle
(Maven)
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to...
Moderate
Unreviewed
CVE-2024-2454
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.7, all versions...
Moderate
Unreviewed
CVE-2024-2651
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to...
Moderate
Unreviewed
CVE-2023-6682
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to...
Moderate
Unreviewed
CVE-2023-6688
was published
May 14, 2024
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5...
Moderate
Unreviewed
CVE-2024-1930
was published
May 8, 2024
In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due...
Moderate
Unreviewed
CVE-2024-0026
was published
May 7, 2024
An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4...
Moderate
Unreviewed
CVE-2023-31889
was published
Apr 29, 2024
Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences
Moderate
CVE-2024-32476
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Apr 26, 2024
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component...
Moderate
Unreviewed
CVE-2024-33259
was published
Apr 26, 2024
Mattermost fails to limit the number of active sessions
Moderate
CVE-2024-4183
was published
for
github.com/mattermost/mattermost-server
(Go)
Apr 26, 2024
python-jose denial of service via compressed JWE content
Moderate
CVE-2024-33664
was published
for
python-jose
(pip)
Apr 26, 2024
Denial of service in Kubernetes
Moderate
CVE-2020-8557
was published
for
k8s.io/kubernetes/pkg/kubelet
(Go)
Apr 24, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ...
Moderate
Unreviewed
CVE-2024-21057
was published
Apr 17, 2024
parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled...
Moderate
Unreviewed
CVE-2024-1569
was published
Apr 16, 2024
ProTip!
Advisories are also available from the
GraphQL API