Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

809 advisories

Loading
Windows Hyper-V Denial of Service Vulnerability High Unreviewed
CVE-2024-43567 was published Oct 8, 2024
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to... Moderate Unreviewed
CVE-2024-47969 was published Oct 8, 2024
Improper resource initialization handling in firmware of some Solidigm DC Products may allow an... Critical Unreviewed
CVE-2024-47967 was published Oct 7, 2024
async-graphql Directive Overload High
CVE-2024-47614 was published for async-graphql (Rust) Oct 3, 2024
MindPatch
A memory allocation issue in vernemq v2.0.1 allows attackers to cause a Denial of Service (DoS)... High Unreviewed
CVE-2024-44459 was published Sep 12, 2024
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in... High Unreviewed
CVE-2021-22532 was published Sep 12, 2024
In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: use dma... Moderate Unreviewed
CVE-2024-45012 was published Sep 11, 2024
In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible... Moderate Unreviewed
CVE-2024-45014 was published Sep 11, 2024
Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU... Moderate Unreviewed
CVE-2024-23184 was published Sep 10, 2024
Very large headers can cause resource exhaustion when parsing message. The message-parser... High Unreviewed
CVE-2024-23185 was published Sep 10, 2024
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation... Moderate Unreviewed
CVE-2024-7734 was published Sep 10, 2024
Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API alwaysmulti.cgi... Moderate Unreviewed
CVE-2024-6509 was published Sep 10, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to... Moderate Unreviewed
CVE-2024-40680 was published Sep 7, 2024
Vertx gRPC server does not limit the maximum message size Moderate
CVE-2024-8391 was published for io.vertx:vertx-grpc-client (Maven) Sep 4, 2024
freewvs vulnerable to denial of service through large files Low
CVE-2020-15100 was published for freewvs (pip) Aug 30, 2024
Apollo Router Coprocessors may cause Denial-of-Service when handling request bodies High
CVE-2024-43783 was published for apollo-router (Rust) Aug 27, 2024
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service... Moderate Unreviewed
CVE-2024-41175 was published Aug 27, 2024
Spring Framework vulnerable to Denial of Service Moderate
CVE-2024-38808 was published for org.springframework:spring-expression (Maven) Aug 20, 2024
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps... Critical Unreviewed
CVE-2024-44083 was published Aug 19, 2024
Miniscript allows stack consumption Moderate
CVE-2024-44073 was published for miniscript (Rust) Aug 19, 2024
apoelstra
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in... Moderate Unreviewed
CVE-2024-43856 was published Aug 17, 2024
When performing an online tag generation to devices which communicate using the ControlLogix... Moderate Unreviewed
CVE-2024-6098 was published Aug 16, 2024
Russh has an OOM Denial of Service due to allocation of untrusted amount High
CVE-2024-43410 was published for russh (Rust) Aug 14, 2024
Noratrieb Eugeny
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)... High Unreviewed
CVE-2024-41727 was published Aug 14, 2024
If exploited, this vulnerability could cause a SuiteLink server to consume excessive system... High Unreviewed
CVE-2024-7113 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database