Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,037 advisories

Loading
Eclipse Vert.x vulnerable to a memory leak in TCP servers Moderate
CVE-2024-1300 was published for io.vertx:vertx-core (Maven) Apr 2, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 is vulnerable to a denial of... Moderate Unreviewed
CVE-2024-22353 was published Mar 31, 2024
ArgoCD's repo server has Uncontrolled Resource Consumption vulnerability Moderate
CVE-2024-29893 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 29, 2024
jake-ciolek
Credited to jake-ciolek
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions... Moderate Unreviewed
CVE-2024-2818 was published Mar 28, 2024
Elasticsearch Uncontrolled Resource Consumption vulnerability Moderate
CVE-2024-23450 was published for org.elasticsearch:elasticsearch (Maven) Mar 27, 2024
IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to... High Unreviewed
CVE-2023-47150 was published Mar 26, 2024
A vulnerability exists in the affected product that allows a malicious user to restart the... Moderate Unreviewed
CVE-2024-21914 was published Mar 26, 2024
The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to... Moderate Unreviewed
CVE-2018-25100 was published Mar 24, 2024
XNIO denial of service vulnerability High
CVE-2023-5685 was published for org.jboss.xnio:xnio-api (Maven) Mar 22, 2024
grosario1
Credited to grosario1
Uncontrolled resource consumption for some Intel(R) SPS firmware before version SPS_E5_06.01.04... Moderate Unreviewed
CVE-2023-29153 was published Mar 22, 2024
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when using an... Moderate Unreviewed
CVE-2023-4063 was published Mar 22, 2024
Slow String Operations via MultiPart Requests in Event-Driven Functions Moderate
CVE-2024-29186 was published for bref/bref (Composer) Mar 22, 2024
smaury mnapoli
rcambien GrahamCampbell
Credited to smaury, mnapoli, rcambien, and GrahamCampbell
Denial of service while parsing a tar file due to lack of folders count validation Moderate
CVE-2024-28863 was published for node-tar (npm) Mar 22, 2024
DEMON1A AlmogApiiro
ebickle
Credited to DEMON1A, AlmogApiiro, and ebickle
Uncontrolled Resource Consumption vulnerability in David Artiss Code Embed.This issue affects... Moderate Unreviewed
CVE-2023-49837 was published Mar 21, 2024
latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption)... High Unreviewed
CVE-2023-50967 was published Mar 20, 2024
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
andrewpollock
Credited to qmuntal, r3kumar, and andrewpollock
erlang-jose vulnerable to denial of service via large p2c value Moderate
CVE-2023-50966 was published for jose (Erlang) Mar 19, 2024
maennchen
Credited to maennchen
An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads... High Unreviewed
CVE-2024-26369 was published Mar 19, 2024
tls-listener affected by the slow loris vulnerability with default configuration High
CVE-2024-28854 was published for tls-listener (Rust) Mar 15, 2024
conradludgate
Credited to conradludgate
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... Moderate Unreviewed
CVE-2024-2446 was published Mar 15, 2024
Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the... Low Unreviewed
CVE-2024-24975 was published Mar 15, 2024
Mattermost Server Resource Exhaustion Low
CVE-2024-28053 was published for github.com/mattermost/mattermost-server (Go) Mar 15, 2024
Uncontrolled resource consumption for some Intel(R) SPS firmware versions may allow a privileged... Moderate Unreviewed
CVE-2023-35191 was published Mar 14, 2024
quiche vulnerable to unlimited resource allocation by QUIC CRYPTO frames flooding Moderate
CVE-2024-1765 was published for quiche (Rust) Mar 13, 2024
quiche vulnerable to unbounded storage of information related to connection ID retirement Low
CVE-2024-1410 was published for quiche (Rust) Mar 13, 2024
marten-seemann
Credited to marten-seemann
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database