GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,317 advisories
Filter by severity
In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially crafted network payload can trigger...
High
Unreviewed
CVE-2024-25398
was published
Feb 27, 2024
CWA-2023-004: Excessive number of function parameters in compiled Wasm
Moderate
GHSA-75qh-gg76-p2w4
was published
for
cosmwasm-vm
(Go)
Aug 27, 2024
Flowise Unauthenticated Denial of Service (DoS) vulnerability
High
CVE-2024-8182
was published
for
flowise
(npm)
Aug 27, 2024
rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Moderate
CVE-2024-43806
was published
for
rustix
(Rust)
Oct 18, 2023
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ...
High
Unreviewed
CVE-2024-4056
was published
Apr 26, 2024
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23...
Moderate
Unreviewed
CVE-2024-0563
was published
Feb 23, 2024
Mattermost Plugin Channel Export excessive resource consumption
Moderate
CVE-2024-43105
was published
for
github.com/mattermost/mattermost-plugin-channel-export
(Go)
Aug 23, 2024
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all...
Moderate
Unreviewed
CVE-2024-2800
was published
Aug 8, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0...
Moderate
Unreviewed
CVE-2024-3114
was published
Aug 8, 2024
Soot Infinite Loop vulnerability
High
CVE-2023-46442
was published
for
org.soot-oss:soot
(Maven)
May 24, 2024
Kwik does not discard unused encryption keys
Moderate
CVE-2024-22588
was published
for
tech.kwik:kwik
(Maven)
May 24, 2024
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service ...
High
Unreviewed
CVE-2024-33655
was published
Jun 6, 2024
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior...
Moderate
Unreviewed
CVE-2024-8041
was published
Aug 22, 2024
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command...
Critical
Unreviewed
CVE-2024-45163
was published
Aug 22, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input...
Critical
Unreviewed
CVE-2024-45166
was published
Aug 22, 2024
Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA...
Moderate
Unreviewed
CVE-2024-39810
was published
Aug 22, 2024
Fiona affected by CVE-2020-14152 related to madler-zlib
High
GHSA-g4m4-9q4c-mfw6
was published
for
fiona
(pip)
Jul 16, 2024
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in...
High
Unreviewed
CVE-2024-42950
was published
Aug 15, 2024
Potential Denial-of-Service in bindata
Low
CVE-2021-32823
was published
for
bindata
(RubyGems)
Jun 23, 2021
fugit parse and parse_nat stall on lengthy input
Moderate
CVE-2024-43380
was published
for
fugit
(RubyGems)
Aug 19, 2024
Memory leaks in code encrypting and verifying RSA payloads
High
CVE-2024-1394
was published
for
github.com/golang-fips/go
(Go)
Mar 20, 2024
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via...
Moderate
Unreviewed
CVE-2024-33774
was published
May 14, 2024
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)...
High
Unreviewed
CVE-2024-41727
was published
Aug 14, 2024
An issue in Yonganda YAD-LOJ V3.0.561 allows a remote attacker to cause a denial of service via a...
High
Unreviewed
CVE-2024-32269
was published
Apr 29, 2024
Flooding SNS firewall 3.7.0 to 3.7.26 with udp or icmp randomizing the source through an internal...
High
Unreviewed
CVE-2022-27812
was published
Aug 25, 2022
ProTip!
Advisories are also available from the
GraphQL API