GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,265
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
3,040 advisories

MsQuic Remote Denial of Service Vulnerability
High | CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) | Oct 10, 2023

io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack
High | GHSA-xpw8-rcwv-8f8p was published for io.netty:netty-codec-http2 (Maven) | Oct 10, 2023

Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation
Moderate | CVE-2025-27097 was published for @graphql-mesh/runtime (npm) | Oct 10, 2023

HTTP/2 Stream Cancellation Attack
Moderate | CVE-2023-44487 was published for com.typesafe.akka:akka-http-core (Go) | Oct 10, 2023

Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel
High | CVE-2023-38171 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) | Oct 10, 2023

Microsoft Message Queuing Denial of Service Vulnerability
High | Unreviewed | CVE-2023-36579 was published | Oct 10, 2023

Microsoft Message Queuing Denial of Service Vulnerability
High | Unreviewed | CVE-2023-36606 was published | Oct 10, 2023

Microsoft Message Queuing Denial of Service Vulnerability
High | Unreviewed | CVE-2023-36431 was published | Oct 10, 2023

github.com/nghttp2/nghttp2 has HTTP/2 Rapid Reset
High | GHSA-vx74-f528-fxqg was published for github.com/nghttp2/nghttp2 (Go) | Oct 10, 2023

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server,...
High | Unreviewed | CVE-2023-40542 was published | Oct 10, 2023

A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function....
Moderate | Unreviewed | CVE-2023-43786 was published | Oct 10, 2023

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All...
Moderate | Unreviewed | CVE-2023-37195 was published | Oct 10, 2023

Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing...
High | Unreviewed | CVE-2023-5330 was published | Oct 9, 2023

Mattermost fails to deduplicate input IDs allowing a simple user to cause the application to...
Moderate | Unreviewed | CVE-2023-5333 was published | Oct 9, 2023

In multiple locations, there is a possible way to crash multiple system services due to resource...
Moderate | Unreviewed | CVE-2023-21253 was published | Oct 6, 2023

A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow...
High | Unreviewed | CVE-2023-20259 was published | Oct 4, 2023

A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate...
Moderate | Unreviewed | CVE-2023-3153 was published | Oct 4, 2023

Transient DOS in WLAN Firmware while parsing a NAN management frame.
High | Unreviewed | CVE-2023-33026 was published | Oct 3, 2023

opentelemetry-instrumentation Denial of Service vulnerability due to unbound cardinality metrics
High | CVE-2023-43810 was published for opentelemetry-instrumentation (pip) | Oct 2, 2023

Mattermost Uncontrolled Resource Consumption vulnerability
Moderate | CVE-2023-5196 was published for github.com/mattermost/mattermost-server/v6 (Go) | Sep 29, 2023

Chaijs/get-func-name vulnerable to ReDoS
High | CVE-2023-43646 was published for get-func-name (npm) | Sep 27, 2023

A vulnerability in the packet processing functionality of Cisco access point (AP) software could...
Moderate | Unreviewed | CVE-2023-20268 was published | Sep 27, 2023

A vulnerability in the networking component of Cisco access point (AP) software could allow an...
High | Unreviewed | CVE-2023-20176 was published | Sep 27, 2023

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a...
High | Unreviewed | CVE-2023-5157 was published | Sep 27, 2023

Denial-of-service vulnerability in the web server of the Eaton SMP SG-4260 allows attacker to...
Moderate | Unreviewed | CVE-2023-43775 was published | Sep 27, 2023

ProTip! Advisories are also available from the GraphQL API