Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,574 advisories

Loading
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial... Low Unreviewed
CVE-2024-28214 was published Mar 7, 2024
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC... Moderate Unreviewed
CVE-2023-42670 was published Nov 3, 2023
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7... Moderate Unreviewed
CVE-2024-10599 was published Nov 1, 2024
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow... Moderate Unreviewed
CVE-2024-20526 was published Oct 23, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to... Moderate Unreviewed
CVE-2024-50311 was published Oct 22, 2024
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation... Moderate Unreviewed
CVE-2024-31152 was published Oct 30, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ... High Unreviewed
CVE-2024-7807 was published Oct 29, 2024
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this... High Unreviewed
CVE-2023-52098 was published Jan 16, 2024
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco... High Unreviewed
CVE-2024-20351 was published Oct 23, 2024
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack... High Unreviewed
CVE-2024-6959 was published Oct 13, 2024
An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow... Moderate Unreviewed
CVE-2023-6450 was published Jan 19, 2024
The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) through 2022-06-27... Moderate Unreviewed
CVE-2022-40306 was published Sep 16, 2022
A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or... Moderate Unreviewed
CVE-2024-3508 was published Apr 25, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2024-45736 was published Oct 14, 2024
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request... Moderate Unreviewed
CVE-2023-45802 was published Oct 23, 2023
An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks... High Unreviewed
CVE-2024-47497 was published Oct 11, 2024
Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Moderate Unreviewed
CVE-2023-25769 was published Oct 10, 2024
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers... High Unreviewed
CVE-2023-48831 was published Dec 7, 2023
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), an HTTP DoS attack... High Unreviewed
CVE-2024-7294 was published Oct 9, 2024
Denial-of-service (DoS) vulnerability exists in commplex-link service of HMI GC-A2 series. If a... High Unreviewed
CVE-2023-49140 was published Dec 12, 2023
Windows Hyper-V Denial of Service Vulnerability High Unreviewed
CVE-2024-43575 was published Oct 8, 2024
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability High Unreviewed
CVE-2024-43541 was published Oct 8, 2024
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability High Unreviewed
CVE-2024-43545 was published Oct 8, 2024
Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability High Unreviewed
CVE-2024-43544 was published Oct 8, 2024
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation... High Unreviewed
CVE-2024-8626 was published Oct 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database