Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,037 advisories

Loading
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability High
CVE-2024-21392 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Mar 12, 2024
r3kumar TAINA-AntonyBingham
Credited to r3kumar and TAINA-AntonyBingham
JWX vulnerable to a denial of service attack using compressed JWE message Moderate
CVE-2024-28122 was published for github.com/lestrrat-go/jwx (Go) Mar 8, 2024
zer0yu
Credited to zer0yu
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6... Moderate Unreviewed
CVE-2024-23259 was published Mar 8, 2024
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in... Critical Unreviewed
CVE-2024-23265 was published Mar 8, 2024
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext Moderate
CVE-2024-28176 was published for jose (npm) Mar 7, 2024
P3ngu1nW panva
Credited to P3ngu1nW and panva
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial... Low Unreviewed
CVE-2024-28214 was published Mar 7, 2024
In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds... High Unreviewed
CVE-2023-52602 was published Mar 6, 2024
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed... Moderate Unreviewed
CVE-2024-25615 was published Mar 5, 2024
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an... High Unreviewed
CVE-2024-25269 was published Mar 5, 2024
IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial... Moderate Unreviewed
CVE-2022-43880 was published Mar 3, 2024
phpseclib does not properly limit the ASN1 OID length High
CVE-2024-27355 was published for phpseclib/phpseclib (Composer) Mar 2, 2024
phpseclib a large prime can cause a denial of service High
CVE-2024-27354 was published for phpseclib/phpseclib (Composer) Mar 2, 2024
Mattermost fails to limit the number of role names Moderate
CVE-2024-1953 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost denial of service through long emoji value Moderate
CVE-2024-24988 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric... Moderate Unreviewed
CVE-2024-20344 was published Feb 29, 2024
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS... High Unreviewed
CVE-2024-20321 was published Feb 29, 2024
jose4j denial of service via specifically crafted JWE Moderate
CVE-2023-51775 was published for org.bitbucket.b_c:jose4j (Maven) Feb 29, 2024
An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of... Moderate Unreviewed
CVE-2023-45874 was published Feb 29, 2024
Rack has possible DoS Vulnerability with Range Header Low
CVE-2024-26141 was published for rack (RubyGems) Feb 28, 2024
ooooooo-q
Credited to ooooooo-q
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix... High Unreviewed
CVE-2021-47023 was published Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns... High Unreviewed
CVE-2021-47010 was published Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure... Moderate Unreviewed
CVE-2021-46939 was published Feb 27, 2024
In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially crafted network payload can trigger... High Unreviewed
CVE-2024-25398 was published Feb 27, 2024
Connection leaking on idle timeout when TCP congested High
CVE-2024-22201 was published for org.eclipse.jetty.http2:http2-common (Maven) Feb 26, 2024
luffy1949
Credited to luffy1949
Due to an allocation of resources without limits, an uncontrolled resource consumption... Moderate Unreviewed
CVE-2023-51393 was published Feb 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database