Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,783
Erlang
36
GitHub Actions
29
Go
2,347
Maven
5,000+
npm
3,976
NuGet
720
pip
3,774
Pub
12
RubyGems
923
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,822 advisories

Loading
Undertow Uncontrolled Resource Consumption Vulnerability High
CVE-2024-1635 was published for io.undertow:undertow-core (Maven) Feb 20, 2024
Liferay Portal vulnerable to Denial of Service Moderate
CVE-2024-26265 was published for com.liferay.portal:release.portal.bom (Maven) Feb 20, 2024
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23... Moderate Unreviewed
CVE-2024-0563 was published Feb 23, 2024
Due to an allocation of resources without limits, an uncontrolled resource consumption... Moderate Unreviewed
CVE-2023-51393 was published Feb 23, 2024
Connection leaking on idle timeout when TCP congested High
CVE-2024-22201 was published for org.eclipse.jetty.http2:http2-common (Maven) Feb 26, 2024
luffy1949
In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially crafted network payload can trigger... High Unreviewed
CVE-2024-25398 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure... Moderate Unreviewed
CVE-2021-46939 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns... High Unreviewed
CVE-2021-47010 was published Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix... High Unreviewed
CVE-2021-47023 was published Feb 28, 2024
Rack has possible DoS Vulnerability with Range Header Low
CVE-2024-26141 was published for rack (RubyGems) Feb 28, 2024
ooooooo-q
An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of... Moderate Unreviewed
CVE-2023-45874 was published Feb 29, 2024
jose4j denial of service via specifically crafted JWE Moderate
CVE-2023-51775 was published for org.bitbucket.b_c:jose4j (Maven) Feb 29, 2024
A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric... Moderate Unreviewed
CVE-2024-20344 was published Feb 29, 2024
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS... High Unreviewed
CVE-2024-20321 was published Feb 29, 2024
Mattermost denial of service through long emoji value Moderate
CVE-2024-24988 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost fails to limit the number of role names Moderate
CVE-2024-1953 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
phpseclib a large prime can cause a denial of service High
CVE-2024-27354 was published for phpseclib/phpseclib (Composer) Mar 2, 2024
phpseclib does not properly limit the ASN1 OID length High
CVE-2024-27355 was published for phpseclib/phpseclib (Composer) Mar 2, 2024
IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial... Moderate Unreviewed
CVE-2022-43880 was published Mar 3, 2024
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an... High Unreviewed
CVE-2024-25269 was published Mar 5, 2024
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed... Moderate Unreviewed
CVE-2024-25615 was published Mar 5, 2024
In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds... High Unreviewed
CVE-2023-52602 was published Mar 6, 2024
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial... Low Unreviewed
CVE-2024-28214 was published Mar 7, 2024
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext Moderate
CVE-2024-28176 was published for jose (npm) Mar 7, 2024
P3ngu1nW panva
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in... Critical Unreviewed
CVE-2024-23265 was published Mar 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database