Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

625 advisories

Loading
An issue has been discovered in GitLab EE/CE affecting all versions starting before 16.3.6, all... Moderate Unreviewed
CVE-2023-3246 was published Nov 6, 2023
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch... Moderate Unreviewed
CVE-2023-5625 was published Nov 1, 2023
Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead to an attacker creating... Moderate Unreviewed
CVE-2023-29973 was published Oct 25, 2023
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request... Moderate Unreviewed
CVE-2023-45802 was published Oct 23, 2023
Allocation of Resources Without Limits or Throttling in vriteio/vrite Moderate
CVE-2023-5573 was published for @vrite/sdk (npm) Oct 13, 2023
matrix-synapse vulnerable to denial of service due to malicious server ACL events Moderate
CVE-2023-45129 was published for matrix-synapse (pip) Oct 10, 2023
Denial of service vulnerability on creating a Launch with too many recursively nested elements in reportportal Moderate
CVE-2023-25822 was published for com.epam.reportportal:service-api (Maven) Oct 10, 2023
RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of... Moderate Unreviewed
CVE-2023-5371 was published Oct 4, 2023
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate... Moderate Unreviewed
CVE-2023-3153 was published Oct 4, 2023
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that... Moderate Unreviewed
CVE-2023-0809 was published Oct 2, 2023
plone.rest vulnerable to Denial of Service when ++api++ is used many times Moderate
CVE-2023-42457 was published for plone.rest (pip) Sep 21, 2023
When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in... Moderate Unreviewed
CVE-2023-4578 was published Sep 11, 2023
An improper resource allocation vulnerability exists in the OAS Engine configuration management... Moderate Unreviewed
CVE-2023-34994 was published Sep 5, 2023
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability... Moderate Unreviewed
CVE-2022-48064 was published Aug 22, 2023
SUCHMOKUO node-worker-threads-pool denial of service Vulnerability Moderate
CVE-2021-29057 was published for node-worker-threads-pool (npm) Aug 11, 2023
nalandial
Credited to nalandial
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35... Moderate Unreviewed
CVE-2023-38532 was published Aug 8, 2023
RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling Moderate
CVE-2023-4138 was published for rdiffweb (pip) Aug 3, 2023
Golang TIFF decoder does not place a limit on the size of compressed tile data Moderate
CVE-2023-29408 was published for golang.org/x/image (Go) Aug 2, 2023
In some circumstances, a stale value could have been used for a global variable in WASM JIT... Moderate Unreviewed
CVE-2023-4046 was published Aug 1, 2023
Denial of service from unlimited password lengths Moderate
CVE-2023-38492 was published for getkirby/cms (Composer) Jul 28, 2023
5hank4r
Credited to 5hank4r
A missing allocation check in sftp server processing read requests may cause a NULL dereference... Moderate Unreviewed
CVE-2023-3603 was published Jul 21, 2023
Wyse Management Suite versions prior to 4.0 contain a denial-of-service vulnerability. An... Moderate Unreviewed
CVE-2023-32481 was published Jul 20, 2023
JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and... Moderate Unreviewed
CVE-2023-29449 was published Jul 13, 2023
Wallabag vulnerable to Allocation of Resources Without Limits or Throttling Moderate
CVE-2023-3566 was published for wallabag/wallabag (Composer) Jul 10, 2023
CometBFT PeerState JSON serialization deadlock Moderate
CVE-2023-34450 was published for github.com/cometbft/cometbft (Go) Jul 5, 2023
mmsqe sergio-mena
Credited to mmsqe and sergio-mena
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database