Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,036 advisories

Loading
Windows Kerberos Denial of Service Vulnerability High Unreviewed
CVE-2025-21218 was published Jan 14, 2025
An issue in the dfe_n_in_order component of openlink virtuoso-opensource v7.2.11 allows attackers... High Unreviewed
CVE-2024-57655 was published Jan 14, 2025
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource... Moderate Unreviewed
CVE-2024-47239 was published Jan 8, 2025
go-git clients vulnerable to DoS via maliciously crafted Git server replies High
CVE-2025-21614 was published for github.com/go-git/go-git (Go) Jan 6, 2025
bdilalu
Credited to bdilalu
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service High
GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) Dec 19, 2024
thevilledev
Credited to thevilledev
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP... Moderate Unreviewed
CVE-2022-27600 was published Dec 19, 2024
An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability ... Moderate Unreviewed
CVE-2024-12698 was published Dec 18, 2024
Apache Tomcat Uncontrolled Resource Consumption vulnerability Moderate
CVE-2024-54677 was published for org.apache.tomcat:tomcat-catalina (Maven) Dec 17, 2024
The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all... Moderate Unreviewed
CVE-2024-12601 was published Dec 17, 2024
ASA-2024-0012, ASA-2024-0013: CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion High
GHSA-8wcc-m6j2-qxvm was published for cosmossdk.io/x/tx (Go) Dec 16, 2024
The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS... Moderate Unreviewed
CVE-2024-12579 was published Dec 13, 2024
Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue... High Unreviewed
CVE-2024-11835 was published Dec 13, 2024
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful... Moderate Unreviewed
CVE-2024-54113 was published Dec 12, 2024
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability High Unreviewed
CVE-2024-49129 was published Dec 12, 2024
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2024-49096 was published Dec 12, 2024
Windows Remote Desktop Services Denial of Service Vulnerability High Unreviewed
CVE-2024-49075 was published Dec 12, 2024
Dell PowerScale OneFS Versions 9.5.0.x through 9.8.0.x contain an uncontrolled resource... Moderate Unreviewed
CVE-2024-42426 was published Dec 9, 2024
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ... High Unreviewed
CVE-2024-12254 was published Dec 6, 2024
Withdrawn Advisory: Netty vulnerability included in redis lettuce Moderate
GHSA-q4h9-7rxj-7gx2 was published for io.lettuce:lettuce-core (Maven) Dec 2, 2024 withdrawn
gmcallister-r7 SteffenGabel
Credited to gmcallister-r7 and SteffenGabel
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL... Moderate Unreviewed
CVE-2024-11498 was published Nov 25, 2024
Tornado has an HTTP cookie parsing DoS vulnerability High
CVE-2024-52804 was published for tornado (pip) Nov 22, 2024
kexinoh
Credited to kexinoh
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper... Moderate Unreviewed
CVE-2018-9412 was published Nov 20, 2024
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an... Moderate Unreviewed
CVE-2024-45420 was published Nov 19, 2024
A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue... Moderate Unreviewed
CVE-2023-39180 was published Nov 18, 2024
Spring MVC controller vulnerable to a DoS attack Moderate
CVE-2024-38828 was published for org.springframework:spring-webmvc (Maven) Nov 18, 2024
ayamburg-panw Louis-Jones-Evri
Credited to ayamburg-panw and Louis-Jones-Evri
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database