GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,181 advisories
Filter by severity
An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS...
High
Unreviewed
CVE-2023-28451
was published
Sep 18, 2024
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7,...
High
Unreviewed
CVE-2024-44169
was published
Sep 17, 2024
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44160
was published
Sep 17, 2024
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High
Unreviewed
CVE-2024-40841
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High
Unreviewed
CVE-2024-27874
was published
Sep 17, 2024
DHCP Server Service Denial of Service Vulnerability
High
Unreviewed
CVE-2024-38236
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All...
High
Unreviewed
CVE-2024-43647
was published
Sep 10, 2024
Missing connection timeout in Aardvark-dns
High
CVE-2024-8418
was published
for
aardvark-dns
(Rust)
Sep 4, 2024
Flowise Unauthenticated Denial of Service (DoS) vulnerability
High
CVE-2024-8182
was published
for
flowise
(npm)
Aug 27, 2024
There is a LOW severity vulnerability affecting CPython, specifically the
'http.cookies' standard...
High
Unreviewed
CVE-2024-7592
was published
Aug 19, 2024
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in...
High
Unreviewed
CVE-2024-42980
was published
Aug 15, 2024
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in...
High
Unreviewed
CVE-2024-42981
was published
Aug 15, 2024
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in...
High
Unreviewed
CVE-2024-42950
was published
Aug 15, 2024
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw...
High
Unreviewed
CVE-2024-42951
was published
Aug 15, 2024
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in...
High
Unreviewed
CVE-2024-42969
was published
Aug 15, 2024
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword...
High
Unreviewed
CVE-2024-42943
was published
Aug 15, 2024
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)...
High
Unreviewed
CVE-2024-41727
was published
Aug 14, 2024
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability
High
CVE-2024-38168
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm
(NuGet)
Aug 13, 2024
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege...
High
Unreviewed
CVE-2023-31348
was published
Aug 13, 2024
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed...
High
Unreviewed
CVE-2024-30170
was published
Aug 6, 2024
fast-xml-parser vulnerable to ReDOS at currency parsing
High
CVE-2024-41818
was published
for
fast-xml-parser
(npm)
Jul 29, 2024
Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint
High
CVE-2024-40634
was published
for
github.com/argoproj/argo-cd
(Go)
Jul 22, 2024
A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an...
High
Unreviewed
CVE-2024-5795
was published
Jul 17, 2024
Fiona affected by CVE-2020-14152 related to madler-zlib
High
GHSA-g4m4-9q4c-mfw6
was published
for
fiona
(pip)
Jul 16, 2024
An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks...
High
Unreviewed
CVE-2024-39548
was published
Jul 11, 2024
ProTip!
Advisories are also available from the
GraphQL API