Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,317 advisories

Loading
In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially crafted network payload can trigger... High Unreviewed
CVE-2024-25398 was published Feb 27, 2024
CWA-2023-004: Excessive number of function parameters in compiled Wasm Moderate
GHSA-75qh-gg76-p2w4 was published for cosmwasm-vm (Go) Aug 27, 2024
Flowise Unauthenticated Denial of Service (DoS) vulnerability High
CVE-2024-8182 was published for flowise (npm) Aug 27, 2024
rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion Moderate
CVE-2024-43806 was published for rustix (Rust) Oct 18, 2023
cyqsimon sigmaSd
popey
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23... Moderate Unreviewed
CVE-2024-0563 was published Feb 23, 2024
Mattermost Plugin Channel Export excessive resource consumption Moderate
CVE-2024-43105 was published for github.com/mattermost/mattermost-plugin-channel-export (Go) Aug 23, 2024
c0rydoras
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all... Moderate Unreviewed
CVE-2024-2800 was published Aug 8, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0... Moderate Unreviewed
CVE-2024-3114 was published Aug 8, 2024
Soot Infinite Loop vulnerability High
CVE-2023-46442 was published for org.soot-oss:soot (Maven) May 24, 2024
Kwik does not discard unused encryption keys Moderate
CVE-2024-22588 was published for tech.kwik:kwik (Maven) May 24, 2024
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service ... High Unreviewed
CVE-2024-33655 was published Jun 6, 2024
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior... Moderate Unreviewed
CVE-2024-8041 was published Aug 22, 2024
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command... Critical Unreviewed
CVE-2024-45163 was published Aug 22, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input... Critical Unreviewed
CVE-2024-45166 was published Aug 22, 2024
Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA... Moderate Unreviewed
CVE-2024-39810 was published Aug 22, 2024
Fiona affected by CVE-2020-14152 related to madler-zlib High
GHSA-g4m4-9q4c-mfw6 was published for fiona (pip) Jul 16, 2024
sgillies
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in... High Unreviewed
CVE-2024-42950 was published Aug 15, 2024
Potential Denial-of-Service in bindata Low
CVE-2021-32823 was published for bindata (RubyGems) Jun 23, 2021
fugit parse and parse_nat stall on lengthy input Moderate
CVE-2024-43380 was published for fugit (RubyGems) Aug 19, 2024
personnumber3377 bensheldon
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via... Moderate Unreviewed
CVE-2024-33774 was published May 14, 2024
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)... High Unreviewed
CVE-2024-41727 was published Aug 14, 2024
An issue in Yonganda YAD-LOJ V3.0.561 allows a remote attacker to cause a denial of service via a... High Unreviewed
CVE-2024-32269 was published Apr 29, 2024
Flooding SNS firewall 3.7.0 to 3.7.26 with udp or icmp randomizing the source through an internal... High Unreviewed
CVE-2022-27812 was published Aug 25, 2022
ProTip! Advisories are also available from the GraphQL API