Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

635 advisories

Loading
async-graphql Directive Overload High
CVE-2024-47614 was published for async-graphql (Rust) Oct 3, 2024
MindPatch
Credited to MindPatch
A memory allocation issue in vernemq v2.0.1 allows attackers to cause a Denial of Service (DoS)... High Unreviewed
CVE-2024-44459 was published Sep 12, 2024
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in... High Unreviewed
CVE-2021-22532 was published Sep 12, 2024
Very large headers can cause resource exhaustion when parsing message. The message-parser... High Unreviewed
CVE-2024-23185 was published Sep 10, 2024
Apollo Router Coprocessors may cause Denial-of-Service when handling request bodies High
CVE-2024-43783 was published for apollo-router (Rust) Aug 27, 2024
Russh has an OOM Denial of Service due to allocation of untrusted amount High
CVE-2024-43410 was published for russh (Rust) Aug 14, 2024
Noratrieb Eugeny
Credited to Noratrieb and Eugeny
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs)... High Unreviewed
CVE-2024-41727 was published Aug 14, 2024
If exploited, this vulnerability could cause a SuiteLink server to consume excessive system... High Unreviewed
CVE-2024-7113 was published Aug 13, 2024
Uncontrolled resource consumption refers to a software vulnerability where a attacker or system... High Unreviewed
CVE-2024-36462 was published Aug 12, 2024
A vulnerability has been found in Dahua products.Attackers can send carefully crafted data... High Unreviewed
CVE-2024-39944 was published Jul 31, 2024
GraphQL Java does not properly consider ExecutableNormalizedFields (ENFs) as part of preventing denial of service High
CVE-2024-40094 was published for com.graphql-java:graphql-java (Maven) Jul 30, 2024
A malicious client can send many DNS messages over TCP, potentially causing the server to become... High Unreviewed
CVE-2024-0760 was published Jul 23, 2024
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the... High Unreviewed
CVE-2024-1737 was published Jul 23, 2024
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a ... High Unreviewed
CVE-2024-1975 was published Jul 23, 2024
DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks High
GHSA-crjg-w57m-rqqf was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov amita-seal
Credited to levpachmanov and amita-seal
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create... High Unreviewed
CVE-2024-6037 was published Jul 11, 2024
Django vulnerable to Denial of Service High
CVE-2024-39614 was published for Django (pip) Jul 10, 2024
Django vulnerable to Denial of Service High
CVE-2024-38875 was published for Django (pip) Jul 10, 2024
A denial-of-service attack is possible through the execution functionality of KNIME Business Hub... High Unreviewed
CVE-2024-6598 was published Jul 9, 2024
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability High
CVE-2024-33862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jul 6, 2024
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An... High Unreviewed
CVE-2024-6427 was published Jul 3, 2024
Potential memory exhaustion attack due to sparse slice deserialization High
CVE-2024-37298 was published for github.com/gorilla/schema (Go) Jul 1, 2024
AlexVasiluta
Credited to AlexVasiluta
Unlimited number of NTS-KE connections can crash ntpd-rs server High
CVE-2024-38528 was published for ntpd (Rust) Jun 28, 2024
mlichvar
Credited to mlichvar
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover... High Unreviewed
CVE-2024-34027 was published Jun 24, 2024
TYPO3 Denial of Service in Frontend Record Registration High
GHSA-g585-crjf-vhwq was published for typo3/cms (Composer) Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database