Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,315 advisories

Loading
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly... Moderate Unreviewed
CVE-2023-45290 was published Mar 6, 2024
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI... High Unreviewed
CVE-2024-22255 was published Mar 5, 2024
In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential... Moderate Unreviewed
CVE-2023-52529 was published Mar 3, 2024
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_codec: Fix... Moderate Unreviewed
CVE-2023-52518 was published Mar 3, 2024
In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix... Moderate Unreviewed
CVE-2021-47057 was published Mar 1, 2024
Mattermost fails to limit the number of role names Moderate
CVE-2024-1953 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5... High Unreviewed
CVE-2024-26461 was published Feb 29, 2024
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS... High Unreviewed
CVE-2024-20321 was published Feb 29, 2024
An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of... Moderate Unreviewed
CVE-2023-45873 was published Feb 29, 2024
Connection leaking on idle timeout when TCP congested High
CVE-2024-22201 was published for org.eclipse.jetty.http2:http2-common (Maven) Feb 26, 2024
luffy1949
Credited to luffy1949
IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service... Moderate Unreviewed
CVE-2022-34357 was published Feb 26, 2024
Due to an allocation of resources without limits, an uncontrolled resource consumption... Moderate Unreviewed
CVE-2023-51393 was published Feb 23, 2024
Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23... Moderate Unreviewed
CVE-2024-0563 was published Feb 23, 2024
Liferay Portal vulnerable to Denial of Service Moderate
CVE-2024-26265 was published for com.liferay.portal:release.portal.bom (Maven) Feb 20, 2024
Uncontrolled Resource Consumption in moodle High
CVE-2024-25978 was published for moodle/moodle (Composer) Feb 19, 2024
Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file Moderate
CVE-2024-26308 was published for org.apache.commons:commons-compress (Maven) Feb 19, 2024
oscerd astashys
Credited to oscerd and astashys
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ... Moderate Unreviewed
CVE-2024-20968 was published Feb 17, 2024
When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP)... High Unreviewed
CVE-2024-23979 was published Feb 14, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers... High Unreviewed
CVE-2023-50387 was published Feb 14, 2024
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time... High Unreviewed
CVE-2024-21771 was published Feb 14, 2024
To keep its cache database efficient, `named` running as a recursive resolver occasionally... High Unreviewed
CVE-2023-6516 was published Feb 13, 2024
Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial... Moderate Unreviewed
CVE-2024-21875 was published Feb 11, 2024
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of... High Unreviewed
CVE-2023-52427 was published Feb 11, 2024
Denial of Service in Connect2id Nimbus JOSE+JWT High
CVE-2023-52428 was published for com.nimbusds:nimbus-jose-jwt (Maven) Feb 11, 2024
ebickle
Credited to ebickle
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16... Moderate Unreviewed
CVE-2024-1066 was published Feb 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database