Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,036 advisories

Loading
An issue was discovered in includes/specials/SpecialMovePage.php in MediaWiki before 1.39.7, 1.40... High Unreviewed
CVE-2024-34506 was published May 5, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34483 was published for ryu (pip) May 5, 2024
Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-39477 was published May 3, 2024
Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service... High Unreviewed
CVE-2023-27334 was published May 3, 2024
An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service... High Unreviewed
CVE-2023-50685 was published May 2, 2024
s3-url-parser vulnerable to Denial of Service via regexes component High
CVE-2024-25355 was published for s3-url-parser (npm) May 1, 2024
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property High
CVE-2024-32984 was published for yamux (Rust) May 1, 2024
jxs marten-seemann
AgeManning
Credited to jxs, marten-seemann, and AgeManning
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF... High Unreviewed
CVE-2024-26976 was published May 1, 2024
The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for... High Unreviewed
CVE-2024-34045 was published Apr 30, 2024
An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4... Moderate Unreviewed
CVE-2023-31889 was published Apr 29, 2024
An issue in Yonganda YAD-LOJ V3.0.561 allows a remote attacker to cause a denial of service via a... High Unreviewed
CVE-2024-32269 was published Apr 29, 2024
Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences Moderate
CVE-2024-32476 was published for github.com/argoproj/argo-cd/v2 (Go) Apr 26, 2024
crenshaw-dev pasha-codefresh
todaywasawesome
Credited to crenshaw-dev, pasha-codefresh, and todaywasawesome
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-33259 was published Apr 26, 2024
Mattermost fails to limit the number of active sessions Moderate
CVE-2024-4183 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
Mattermost fails to limit the size of a request path Low
CVE-2024-22091 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
python-jose denial of service via compressed JWE content Moderate
CVE-2024-33664 was published for python-jose (pip) Apr 26, 2024
garyd203
Credited to garyd203
A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or... Moderate Unreviewed
CVE-2024-3508 was published Apr 25, 2024
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability... High Unreviewed
CVE-2023-6596 was published Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
Denial of service in Kubernetes Moderate
CVE-2020-8557 was published for k8s.io/kubernetes/pkg/kubelet (Go) Apr 24, 2024
OpenStack Storlets arbitrary code execution vulnerability High
CVE-2024-28717 was published for storlets (pip) Apr 22, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2024-21050 was published Apr 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2024-21051 was published Apr 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-21055 was published Apr 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database