Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,050 advisories

Loading
NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python... Moderate Unreviewed
CVE-2024-0115 was published Aug 12, 2024
A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation... Moderate Unreviewed
CVE-2024-7567 was published Aug 13, 2024
Stack overflow when parsing specially crafted JSON ABI strings Moderate
GHSA-8327-84cj-8xjm was published for alloy-json-abi (Rust) Aug 15, 2024
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an... Moderate Unreviewed
CVE-2024-4781 was published Aug 16, 2024
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an... Moderate Unreviewed
CVE-2024-4782 was published Aug 16, 2024
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an... Moderate Unreviewed
CVE-2024-5209 was published Aug 16, 2024
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an... Moderate Unreviewed
CVE-2024-5210 was published Aug 16, 2024
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an... Moderate Unreviewed
CVE-2024-6004 was published Aug 16, 2024
An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service... Moderate Unreviewed
CVE-2024-42849 was published Aug 16, 2024
fugit parse and parse_nat stall on lengthy input Moderate
CVE-2024-43380 was published for fugit (RubyGems) Aug 19, 2024
personnumber3377 bensheldon
Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA... Moderate Unreviewed
CVE-2024-39810 was published Aug 22, 2024
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior... Moderate Unreviewed
CVE-2024-8041 was published Aug 22, 2024
Mattermost Plugin Channel Export excessive resource consumption Moderate
CVE-2024-43105 was published for github.com/mattermost/mattermost-plugin-channel-export (Go) Aug 23, 2024
c0rydoras
CWA-2023-004: Excessive number of function parameters in compiled Wasm Moderate
GHSA-75qh-gg76-p2w4 was published for cosmwasm-vm (Go) Aug 27, 2024
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column)... Moderate Unreviewed
CVE-2024-41434 was published Sep 3, 2024
vLLM Denial of Service via the best_of parameter Moderate
CVE-2024-8939 was published for vllm (pip) Sep 17, 2024
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify... Moderate Unreviewed
CVE-2024-8892 was published Sep 18, 2024
Spring Framework DoS via conditional HTTP request Moderate
CVE-2024-38809 was published for org.springframework:spring-web (Maven) Sep 24, 2024
Denial of service in rocket chat message parser Moderate
CVE-2024-46935 was published for @rocket.chat/message-parser (npm) Sep 25, 2024
Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events Moderate
CVE-2024-47003 was published for github.com/mattermost/mattermost/server/v8 (Go) Sep 26, 2024
c0rydoras
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain... Moderate Unreviewed
CVE-2024-8454 was published Sep 30, 2024
A vulnerability has been found in ThingsBoard up to 3.7.0 and classified as problematic. Affected... Moderate Unreviewed
CVE-2024-9358 was published Oct 1, 2024
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series... Moderate Unreviewed
CVE-2024-20500 was published Oct 2, 2024
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series... Moderate Unreviewed
CVE-2024-20502 was published Oct 2, 2024
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters Moderate
CVE-2024-45230 was published for Django (pip) Oct 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database