Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,036 advisories

Loading
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-21062 was published Apr 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-21057 was published Apr 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-21013 was published Apr 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-21008 was published Apr 17, 2024
Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial... Low Unreviewed
CVE-2024-3872 was published Apr 16, 2024
parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled... Moderate Unreviewed
CVE-2024-1569 was published Apr 16, 2024
Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in... Moderate Unreviewed
CVE-2024-0157 was published Apr 12, 2024
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions... Moderate Unreviewed
CVE-2023-6678 was published Apr 12, 2024
A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6... Moderate Unreviewed
CVE-2023-6489 was published Apr 12, 2024
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode Moderate
CVE-2024-3651 was published for idna (pip) Apr 11, 2024
guidovranken
Credited to guidovranken
An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de6b8d6c823a66, allows a... Moderate Unreviewed
CVE-2024-30915 was published Apr 11, 2024
A Denial of Service (DoS) vulnerability exists in the mintplex-labs/anything-llm repository when... High Unreviewed
CVE-2024-3569 was published Apr 10, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26215 was published Apr 9, 2024
DHCP Server Service Denial of Service Vulnerability High Unreviewed
CVE-2024-26212 was published Apr 9, 2024
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to... Moderate Unreviewed
CVE-2024-30218 was published Apr 9, 2024
The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be... Moderate Unreviewed
CVE-2021-47208 was published Apr 8, 2024
h2 servers vulnerable to degradation of service with CONTINUATION Flood Moderate
GHSA-q6cp-qfwq-4gcv was published for h2 (Rust) Apr 5, 2024
Mattermost Server doesn't limit the number of user preferences Moderate
CVE-2024-28949 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 5, 2024
net/http, x/net/http2: close connections when receiving too many headers Moderate
CVE-2023-45288 was published for golang.org/x/net (Go) Apr 4, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to... High Unreviewed
CVE-2024-27316 was published Apr 4, 2024
IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of... Moderate Unreviewed
CVE-2024-27268 was published Apr 4, 2024
OpenID Connect client Atom Exhaustion in provider configuration worker ets table location Moderate
CVE-2024-31209 was published for oidcc (Erlang) Apr 3, 2024
mohamedalikhechine robertfiko
maennchen paulswartz SAFE-Erlang-Elixir
Credited to mohamedalikhechine, robertfiko, maennchen, paulswartz, and SAFE-Erlang-Elixir
In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix crash when... High Unreviewed
CVE-2024-26723 was published Apr 3, 2024
QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack High
CVE-2024-22189 was published for github.com/quic-go/quic-go (Go) Apr 2, 2024
marten-seemann
Credited to marten-seemann
Eclipse Vert.x vulnerable to a memory leak in TCP servers Moderate
CVE-2024-1300 was published for io.vertx:vertx-core (Maven) Apr 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database