Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

635 advisories

Loading
IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service... High Unreviewed
CVE-2024-41743 was published Jan 19, 2025
IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper... High Unreviewed
CVE-2024-41742 was published Jan 19, 2025
IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6... High Unreviewed
CVE-2024-45662 was published Jan 18, 2025
An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource... High Unreviewed
CVE-2018-25108 was published Jan 16, 2025
A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5... High Unreviewed
CVE-2024-46667 was published Jan 14, 2025
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS... High Unreviewed
CVE-2024-46668 was published Jan 14, 2025
An issue in the sqlg_hash_source component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57662 was published Jan 14, 2025
An issue in the sqlg_place_dpipes component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57663 was published Jan 14, 2025
An issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57664 was published Jan 14, 2025
go-git clients vulnerable to DoS via maliciously crafted Git server replies High
CVE-2025-21614 was published for github.com/go-git/go-git (Go) Jan 6, 2025
bdilalu
Credited to bdilalu
Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access... High Unreviewed
CVE-2024-43064 was published Jan 6, 2025
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-54538 was published Dec 20, 2024
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service High
GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) Dec 19, 2024
thevilledev
Credited to thevilledev
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user... High Unreviewed
CVE-2024-56319 was published Dec 19, 2024
Non-linear parsing of case-insensitive content in golang.org/x/net/html High
CVE-2024-45338 was published for golang.org/x/net/html (Go) Dec 18, 2024
mkcops
Credited to mkcops
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ... High Unreviewed
CVE-2024-12254 was published Dec 6, 2024
rPGP Potential Resource Exhaustion when handling Untrusted Messages High
CVE-2024-53857 was published for pgp (Rust) Dec 5, 2024
invd hko-s
link2xt dignifiedquire
Credited to invd, hko-s, link2xt, and dignifiedquire
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the... High Unreviewed
CVE-2024-11316 was published Dec 5, 2024
Denial of Service vulnerabilities where found providing a potiential for device service... High Unreviewed
CVE-2024-48844 was published Dec 5, 2024
Denial of Service vulnerabilities where found providing a potiential for device service... High Unreviewed
CVE-2024-48843 was published Dec 5, 2024
An issue in aedes v0.51.2 allows attackers to cause a Denial of Service(DoS) via a crafted request. High Unreviewed
CVE-2024-48080 was published Dec 3, 2024
Synapse allows unsupported content types to lead to memory exhaustion High
CVE-2024-52805 was published for matrix-synapse (pip) Dec 3, 2024
Synapse denial of service through media disk space consumption High
CVE-2024-37302 was published for matrix-synapse (pip) Dec 3, 2024
Denial of service (DoS) via deformation `multipart/form-data` boundary High
CVE-2024-53981 was published for python-multipart (pip) Dec 2, 2024
Startr4ck defnull
mnqazi
Credited to Startr4ck, defnull, and mnqazi
rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via... High Unreviewed
CVE-2024-31669 was published Dec 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database