GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,038 advisories

Due to an allocation of resources without limits, an uncontrolled resource consumption...
Moderate • Unreviewed • CVE-2023-51393 was published Feb 23, 2024

Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23...
Moderate • Unreviewed • CVE-2024-0563 was published Feb 23, 2024

Liferay Portal vulnerable to Denial of Service
Moderate • CVE-2024-26265 was published for com.liferay.portal:release.portal.bom (Maven) Feb 20, 2024

Undertow Uncontrolled Resource Consumption Vulnerability
High • CVE-2024-1635 was published for io.undertow:undertow-core (Maven) Feb 20, 2024

Uncontrolled Resource Consumption in moodle
High • CVE-2024-25978 was published for moodle/moodle (Composer) Feb 19, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ...
Moderate • Unreviewed • CVE-2024-20972 was published Feb 17, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ...
Moderate • Unreviewed • CVE-2024-20976 was published Feb 17, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ...
Moderate • Unreviewed • CVE-2024-20978 was published Feb 17, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ...
Moderate • Unreviewed • CVE-2024-20962 was published Feb 17, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:...
Moderate • Unreviewed • CVE-2024-20964 was published Feb 17, 2024

fetch(url) leads to a memory leak in undici
Moderate • CVE-2024-24750 was published for undici (npm) Feb 16, 2024

A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be...
Moderate • Unreviewed • CVE-2024-0240 was published Feb 15, 2024

Magento Open Source allows Uncontrolled Resource Consumption
Moderate • CVE-2024-20716 was published for magento/community-edition (Composer) Feb 15, 2024

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is...
High • Unreviewed • CVE-2023-50868 was published Feb 14, 2024

Duplicate Advisory: Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability
High • GHSA-32q7-gv7f-4cg5 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Feb 13, 2024 • withdrawn

Windows DNS Client Denial of Service Vulnerability
High • Unreviewed • CVE-2024-21342 was published Feb 13, 2024

XSS sidekiq-unique-jobs UI server vulnerability
High • CVE-2024-25122 was published for sidekiq-unique-jobs (RubyGems) Feb 13, 2024

mapshaper Path Traversal vulnerability
Moderate • CVE-2024-1163 was published for mapshaper (npm) Feb 13, 2024

An unauthenticated remote attacker can use an uncontrolled resource consumption vulnerability to...
High • Unreviewed • CVE-2024-24781 was published Feb 13, 2024

Uncontrolled Resource Consumption vulnerability in Honeywell Niagara Framework on Windows, Linux,...
Moderate • Unreviewed • CVE-2024-1309 was published Feb 13, 2024

python-multipart vulnerable to Content-Type Header ReDoS
High • CVE-2024-24762 was published for python-multipart (pip) Feb 12, 2024

Processing of user-defined DAV user-agent strings is not limited. Availability of OX App Suite...
Moderate • Unreviewed • CVE-2023-41705 was published Feb 12, 2024

Processing time of drive search expressions now gets monitored, and the related request is...
Moderate • Unreviewed • CVE-2023-41706 was published Feb 12, 2024

Processing of user-defined mail search expressions is not limited. Availability of OX App Suite...
Moderate • Unreviewed • CVE-2023-41707 was published Feb 12, 2024

Samly access control vulnerability
Critical • CVE-2024-25718 was published for Samly (Erlang) Feb 11, 2024

ProTip! Advisories are also available from the GraphQL API