GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,404 advisories
Filter by severity
Netty vulnerability included in redis lettuce
Moderate
GHSA-q4h9-7rxj-7gx2
was published
for
io.lettuce:lettuce-core
(Maven)
Dec 2, 2024
ASA-2024-0012, ASA-2024-0013: CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion
High
GHSA-8wcc-m6j2-qxvm
was published
for
cosmossdk.io/x/tx
(Go)
Dec 16, 2024
CWA-2023-004: Excessive number of function parameters in compiled Wasm
Moderate
GHSA-75qh-gg76-p2w4
was published
for
cosmwasm-vm
(Go)
Aug 27, 2024
HTTP/2 Stream Cancellation Attack
Moderate
CVE-2023-44487
was published
for
com.typesafe.akka:akka-http-core
(Go)
Oct 10, 2023
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service
High
GHSA-5pf6-cq2v-23ww
was published
for
github.com/clidey/whodb/core
(Go)
Dec 19, 2024
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP...
Moderate
Unreviewed
CVE-2022-27600
was published
Dec 19, 2024
Apache Tomcat Uncontrolled Resource Consumption vulnerability
Moderate
CVE-2024-54677
was published
for
org.apache.tomcat:tomcat-catalina
(Maven)
Dec 17, 2024
Mattermost Server Resource Exhaustion
Low
CVE-2024-28053
was published
for
github.com/mattermost/mattermost-server
(Go)
Mar 15, 2024
An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability ...
Moderate
Unreviewed
CVE-2024-12698
was published
Dec 18, 2024
fetch(url) leads to a memory leak in undici
Moderate
CVE-2024-24750
was published
for
undici
(npm)
Feb 16, 2024
In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due...
Moderate
Unreviewed
CVE-2024-0026
was published
May 7, 2024
The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all...
Moderate
Unreviewed
CVE-2024-12601
was published
Dec 17, 2024
Mattermost fails to limit the number of role names
Moderate
CVE-2024-1953
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 29, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before...
Moderate
Unreviewed
CVE-2024-2446
was published
Mar 15, 2024
Mattermost Server doesn't limit the number of user preferences
Moderate
CVE-2024-28949
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Apr 5, 2024
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial...
High
Unreviewed
CVE-2018-12122
was published
May 13, 2022
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue...
High
Unreviewed
CVE-2024-11835
was published
Dec 13, 2024
The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS...
Moderate
Unreviewed
CVE-2024-12579
was published
Dec 13, 2024
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in...
High
Unreviewed
CVE-2024-40841
was published
Sep 17, 2024
Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful...
High
Unreviewed
CVE-2023-34166
was published
Jun 19, 2023
Microsoft Message Queuing Denial of Service Vulnerability
High
Unreviewed
CVE-2023-36606
was published
Oct 10, 2023
Microsoft Message Queuing Denial of Service Vulnerability
High
Unreviewed
CVE-2023-36431
was published
Oct 10, 2023
Microsoft Message Queuing Denial of Service Vulnerability
High
Unreviewed
CVE-2023-36579
was published
Oct 10, 2023
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
High
Unreviewed
CVE-2024-49096
was published
Dec 12, 2024
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
High
Unreviewed
CVE-2024-49129
was published
Dec 12, 2024
ProTip!
Advisories are also available from the
GraphQL API