Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,093 advisories

Loading
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file... High Unreviewed
CVE-2023-52355 was published Jan 25, 2024
IObit Malware Fighter v11.0.0.1274 is vulnerable to a Denial of Service vulnerability by... Moderate Unreviewed
CVE-2024-0430 was published Jan 22, 2024
An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends... High Unreviewed
CVE-2024-23744 was published Jan 22, 2024
An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow... Moderate Unreviewed
CVE-2023-6450 was published Jan 19, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20977 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20961 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2024-20981 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20965 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported... Moderate Unreviewed
CVE-2024-20985 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2024-20983 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20971 was published Jan 17, 2024
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)... Moderate Unreviewed
CVE-2024-20959 was published Jan 17, 2024
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because... High Unreviewed
CVE-2023-22512 was published Jan 16, 2024
An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe,... Moderate Unreviewed
CVE-2024-0581 was published Jan 16, 2024
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this... High Unreviewed
CVE-2023-52098 was published Jan 16, 2024
launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of... High Unreviewed
CVE-2023-52113 was published Jan 16, 2024
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. ... High Unreviewed
CVE-2023-34061 was published Jan 12, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An... Moderate Unreviewed
CVE-2023-42941 was published Jan 11, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified... Moderate Unreviewed
CVE-2024-0348 was published Jan 10, 2024
Microsoft Message Queuing Denial of Service Vulnerability High Unreviewed
CVE-2024-20661 was published Jan 9, 2024
.NET Core and Visual Studio Denial of Service Vulnerability High Unreviewed
CVE-2024-20672 was published Jan 9, 2024
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation... Moderate Unreviewed
CVE-2024-22164 was published Jan 9, 2024
Autel EVO NANO drone flight control firmware version 1.6.5 is vulnerable to denial of service (DoS). Moderate Unreviewed
CVE-2023-50121 was published Jan 6, 2024
An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment,... High Unreviewed
CVE-2023-42358 was published Jan 3, 2024
An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the... Moderate Unreviewed
CVE-2023-49555 was published Jan 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database