GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,050 advisories
Filter by severity
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP...
Moderate
Unreviewed
CVE-2022-27600
was published
Dec 19, 2024
An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability ...
Moderate
Unreviewed
CVE-2024-12698
was published
Dec 18, 2024
Apache Tomcat Uncontrolled Resource Consumption vulnerability
Moderate
CVE-2024-54677
was published
for
org.apache.tomcat:tomcat-catalina
(Maven)
Dec 17, 2024
The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all...
Moderate
Unreviewed
CVE-2024-12601
was published
Dec 17, 2024
The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS...
Moderate
Unreviewed
CVE-2024-12579
was published
Dec 13, 2024
Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource...
Moderate
Unreviewed
CVE-2024-42426
was published
Dec 9, 2024
Netty vulnerability included in redis lettuce
Moderate
GHSA-q4h9-7rxj-7gx2
was published
for
io.lettuce:lettuce-core
(Maven)
Dec 2, 2024
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL...
Moderate
Unreviewed
CVE-2024-11498
was published
Nov 25, 2024
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an...
Moderate
Unreviewed
CVE-2024-45420
was published
Nov 19, 2024
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue...
Moderate
Unreviewed
CVE-2023-39180
was published
Nov 18, 2024
Denial of Service attack on windows app using netty
Moderate
CVE-2024-47535
was published
for
io.netty:netty-common
(Maven)
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46891
was published
Nov 12, 2024
wasm3 uncontrolled memory allocation vulnerability
Moderate
CVE-2024-27529
was published
for
github.com/shareup/wasm-interpreter-apple
(pip)
Nov 9, 2024
Undertow Denial of Service vulnerability
Moderate
CVE-2023-1973
was published
for
io.undertow:undertow-core
(Maven)
Nov 7, 2024
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7...
Moderate
Unreviewed
CVE-2024-10599
was published
Nov 1, 2024
Gnark out-of-memory during deserialization with crafted inputs
Moderate
CVE-2024-50354
was published
for
github.com/consensys/gnark
(Go)
Oct 31, 2024
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation...
Moderate
Unreviewed
CVE-2024-31152
was published
Oct 30, 2024
Werkzeug possible resource exhaustion when parsing file data in forms
Moderate
CVE-2024-49767
was published
for
quart
(pip)
Oct 25, 2024
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow...
Moderate
Unreviewed
CVE-2024-20526
was published
Oct 23, 2024
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to...
Moderate
Unreviewed
CVE-2024-50311
was published
Oct 22, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
Moderate
CVE-2024-25112
was published
for
exiv2
(pip)
Oct 17, 2024
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Moderate
CVE-2024-8184
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-45736
was published
Oct 14, 2024
Eclipse Jetty has a denial of service vulnerability on DosFilter
Moderate
CVE-2024-9823
was published
for
org.eclipse.jetty.ee10:jetty-ee10-servlets
(Maven)
Oct 14, 2024
Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before...
Moderate
Unreviewed
CVE-2023-25769
was published
Oct 10, 2024
ProTip!
Advisories are also available from the
GraphQL API