GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,367 advisories
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16...
Moderate | Unreviewed | CVE-2023-5825 was published Nov 6, 2023

A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used...
Moderate | Unreviewed | CVE-2023-42669 was published Nov 6, 2023

A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC...
Moderate | Unreviewed | CVE-2023-42670 was published Nov 3, 2023

Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
Moderate | CVE-2023-41164 was published for django (pip) Nov 3, 2023

Connections to external data sources, like e-mail autoconfiguration, were not terminated in case...
Moderate | Unreviewed | CVE-2023-29046 was published Nov 2, 2023

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch...
Moderate | Unreviewed | CVE-2023-5625 was published Nov 1, 2023

Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a...
Moderate | Unreviewed | CVE-2023-46278 was published Nov 1, 2023

An issue in TP-Link Tapo C100 v1.1.15 Build 211130 Rel.15378n(4555) and before allows attackers...
Moderate | Unreviewed | CVE-2023-39610 was published Oct 31, 2023

Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at...
Moderate | Unreviewed | CVE-2023-46361 was published Oct 31, 2023

memory leak flaw was found in ruby-magick
Moderate | CVE-2023-5349 was published for rmagick (RubyGems) Oct 30, 2023

An inconsistent user interface issue was addressed with improved state management. This issue is...
Moderate | Unreviewed | CVE-2023-40408 was published Oct 25, 2023

IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11...
Moderate | Unreviewed | CVE-2023-42031 was published Oct 25, 2023

A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior...
Moderate | Unreviewed | CVE-2022-3698 was published Oct 25, 2023

A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior...
Moderate | Unreviewed | CVE-2022-0353 was published Oct 25, 2023

Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
Moderate | CVE-2023-46136 was published for werkzeug (pip) Oct 25, 2023

RabbitMQ Java client's Lack of Message Size Limitation leads to Remote DoS Attack
Moderate | CVE-2023-46120 was published for com.rabbitmq:amqp-client (Maven) Oct 24, 2023

When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request...
Moderate | Unreviewed | CVE-2023-45802 was published Oct 23, 2023

rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Moderate | CVE-2024-43806 was published for rustix (Rust) Oct 18, 2023

Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an...
Moderate | Unreviewed | CVE-2023-5522 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 could allow a privileged user to cause by using a...
Moderate | Unreviewed | CVE-2022-43893 was published Oct 17, 2023

Traefik vulnerable to HTTP/2 request causing denial of service
Moderate | GHSA-7v4p-328v-8v5g was published for github.com/traefik/traefik (Go) Oct 17, 2023

Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV.
Moderate | Unreviewed | CVE-2023-5595 was published Oct 16, 2023

Magento Open Source allows Uncontrolled Resource Consumption
Moderate | CVE-2023-38251 was published for magento/community-edition (Composer) Oct 13, 2023

Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation
Moderate | CVE-2025-27097 was published for @graphql-mesh/runtime (npm) Oct 10, 2023

HTTP/2 Stream Cancellation Attack
Moderate | CVE-2023-44487 was published for com.typesafe.akka:akka-http-core (Go) Oct 10, 2023