Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

361 advisories

Loading
A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a... Moderate Unreviewed
CVE-2024-22436 was published Mar 26, 2024
Netty's HttpPostRequestDecoder can OOM Moderate
CVE-2024-29025 was published for io.netty:netty-codec-http (Maven) Mar 25, 2024
vietj
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function Moderate
CVE-2024-28102 was published for jwcrypto (pip) Mar 6, 2024
P3ngu1nW
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly... Moderate Unreviewed
CVE-2023-45290 was published Mar 6, 2024
In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential... Moderate Unreviewed
CVE-2023-52529 was published Mar 3, 2024
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_codec: Fix... Moderate Unreviewed
CVE-2023-52518 was published Mar 3, 2024
In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix... Moderate Unreviewed
CVE-2021-47057 was published Mar 1, 2024
IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service... Moderate Unreviewed
CVE-2022-34357 was published Feb 26, 2024
Due to an allocation of resources without limits, an uncontrolled resource consumption... Moderate Unreviewed
CVE-2023-51393 was published Feb 23, 2024
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23... Moderate Unreviewed
CVE-2024-0563 was published Feb 23, 2024
Liferay Portal vulnerable to Denial of Service Moderate
CVE-2024-26265 was published for com.liferay.portal:release.portal.bom (Maven) Feb 20, 2024
Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file Moderate
CVE-2024-26308 was published for org.apache.commons:commons-compress (Maven) Feb 19, 2024
oscerd astashys
Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial... Moderate Unreviewed
CVE-2024-21875 was published Feb 11, 2024
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16... Moderate Unreviewed
CVE-2024-1066 was published Feb 8, 2024
Django denial-of-service attack in the intcomma template filter Moderate
CVE-2024-24680 was published for Django (pip) Feb 7, 2024
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted... Moderate Unreviewed
CVE-2023-22819 was published Feb 6, 2024
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP... Moderate Unreviewed
CVE-2023-45028 was published Feb 2, 2024
Bref's Uploaded Files Not Deleted in Event-Driven Functions Moderate
CVE-2024-24752 was published for bref/bref (Composer) Feb 1, 2024
smaury mnapoli
Memory over-allocation in evm crate Moderate
CVE-2021-29511 was published for evm (Rust) Jan 30, 2024
OpenFGA denial of service Moderate
CVE-2024-23820 was published for github.com/openfga/openfga (Go) Jan 26, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could... Moderate Unreviewed
CVE-2023-47746 was published Jan 22, 2024
By sending a specific reset UDS request via OBDII port of Skoda vehicles, it is possible to cause... Moderate Unreviewed
CVE-2023-28899 was published Jan 12, 2024
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiPAM 1.0... Moderate Unreviewed
CVE-2023-37934 was published Jan 10, 2024
CRI-O's pods can break out of resource confinement on cgroupv2 Moderate
CVE-2023-6476 was published for github.com/cri-o/cri-o (Go) Jan 10, 2024
Tal-or
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation... Moderate Unreviewed
CVE-2024-22164 was published Jan 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database