GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,404 advisories
Filter by severity
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7...
Moderate
Unreviewed
CVE-2024-10599
was published
Nov 1, 2024
Undertow Denial of Service vulnerability
Moderate
CVE-2023-1973
was published
for
io.undertow:undertow-core
(Maven)
Nov 7, 2024
wasm3 uncontrolled memory allocation vulnerability
Moderate
CVE-2024-27529
was published
for
github.com/shareup/wasm-interpreter-apple
(pip)
Nov 9, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the...
High
Unreviewed
CVE-2024-10345
was published
Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the...
High
Unreviewed
CVE-2024-10344
was published
Nov 11, 2024
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the...
High
Unreviewed
CVE-2024-10314
was published
Nov 11, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46891
was published
Nov 12, 2024
Denial of Service attack on windows app using netty
Moderate
CVE-2024-47535
was published
for
io.netty:netty-common
(Maven)
Nov 12, 2024
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to...
High
Unreviewed
CVE-2024-9409
was published
Nov 13, 2024
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch...
High
Unreviewed
CVE-2024-48989
was published
Nov 13, 2024
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an...
High
Unreviewed
CVE-2023-20125
was published
Nov 15, 2024
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue...
Moderate
Unreviewed
CVE-2023-39180
was published
Nov 18, 2024
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an...
Moderate
Unreviewed
CVE-2024-45420
was published
Nov 19, 2024
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL...
Moderate
Unreviewed
CVE-2024-11498
was published
Nov 25, 2024
Netty vulnerability included in redis lettuce
Moderate
GHSA-q4h9-7rxj-7gx2
was published
for
io.lettuce:lettuce-core
(Maven)
Dec 2, 2024
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines()
method would not ...
High
Unreviewed
CVE-2024-12254
was published
Dec 6, 2024
Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource...
Moderate
Unreviewed
CVE-2024-42426
was published
Dec 9, 2024
Windows Remote Desktop Services Denial of Service Vulnerability
High
Unreviewed
CVE-2024-49075
was published
Dec 12, 2024
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
High
Unreviewed
CVE-2024-49096
was published
Dec 12, 2024
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
High
Unreviewed
CVE-2024-49129
was published
Dec 12, 2024
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue...
High
Unreviewed
CVE-2024-11835
was published
Dec 13, 2024
The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS...
Moderate
Unreviewed
CVE-2024-12579
was published
Dec 13, 2024
ASA-2024-0012, ASA-2024-0013: CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion
High
GHSA-8wcc-m6j2-qxvm
was published
for
cosmossdk.io/x/tx
(Go)
Dec 16, 2024
The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all...
Moderate
Unreviewed
CVE-2024-12601
was published
Dec 17, 2024
ProTip!
Advisories are also available from the
GraphQL API