Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,367 advisories

Loading
Uncontrolled resource consumption for some Intel(R) SPS firmware versions may allow a privileged... Moderate Unreviewed
CVE-2023-35191 was published Mar 14, 2024
quiche vulnerable to unlimited resource allocation by QUIC CRYPTO frames flooding Moderate
CVE-2024-1765 was published for quiche (Rust) Mar 13, 2024
JWX vulnerable to a denial of service attack using compressed JWE message Moderate
CVE-2024-28122 was published for github.com/lestrrat-go/jwx (Go) Mar 8, 2024
zer0yu
Credited to zer0yu
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6... Moderate Unreviewed
CVE-2024-23259 was published Mar 8, 2024
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext Moderate
CVE-2024-28176 was published for jose (npm) Mar 7, 2024
P3ngu1nW panva
Credited to P3ngu1nW and panva
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed... Moderate Unreviewed
CVE-2024-25615 was published Mar 5, 2024
IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial... Moderate Unreviewed
CVE-2022-43880 was published Mar 3, 2024
Mattermost fails to limit the number of role names Moderate
CVE-2024-1953 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost denial of service through long emoji value Moderate
CVE-2024-24988 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric... Moderate Unreviewed
CVE-2024-20344 was published Feb 29, 2024
jose4j denial of service via specifically crafted JWE Moderate
CVE-2023-51775 was published for org.bitbucket.b_c:jose4j (Maven) Feb 29, 2024
An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of... Moderate Unreviewed
CVE-2023-45874 was published Feb 29, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure... Moderate Unreviewed
CVE-2021-46939 was published Feb 27, 2024
Due to an allocation of resources without limits, an uncontrolled resource consumption... Moderate Unreviewed
CVE-2023-51393 was published Feb 23, 2024
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23... Moderate Unreviewed
CVE-2024-0563 was published Feb 23, 2024
Liferay Portal vulnerable to Denial of Service Moderate
CVE-2024-26265 was published for com.liferay.portal:release.portal.bom (Maven) Feb 20, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20972 was published Feb 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20976 was published Feb 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20978 was published Feb 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20962 was published Feb 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2024-20964 was published Feb 17, 2024
fetch(url) leads to a memory leak in undici Moderate
CVE-2024-24750 was published for undici (npm) Feb 16, 2024
mcollina
Credited to mcollina
A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be... Moderate Unreviewed
CVE-2024-0240 was published Feb 15, 2024
Magento Open Source allows Uncontrolled Resource Consumption Moderate
CVE-2024-20716 was published for magento/community-edition (Composer) Feb 15, 2024
mapshaper Path Traversal vulnerability Moderate
CVE-2024-1163 was published for mapshaper (npm) Feb 13, 2024
JafarAkhondali
Credited to JafarAkhondali
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database