Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,038 advisories

Loading
Spring Framework server Web DoS Vulnerability High
CVE-2024-22233 was published for org.springframework:spring-core (Maven) Jan 22, 2024
aruneko reva
YukiInu fnxpt schmidt-fu tolmaidis LukaszGrzesik
Credited to aruneko, reva, YukiInu, fnxpt, schmidt-fu, tolmaidis, and LukaszGrzesik
An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends... High Unreviewed
CVE-2024-23744 was published Jan 22, 2024
An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow... Moderate Unreviewed
CVE-2023-6450 was published Jan 19, 2024
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)... Moderate Unreviewed
CVE-2024-20959 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20977 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20971 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20961 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2024-20981 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20965 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported... Moderate Unreviewed
CVE-2024-20985 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2024-20983 was published Jan 17, 2024
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because... High Unreviewed
CVE-2023-22512 was published Jan 16, 2024
An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe,... Moderate Unreviewed
CVE-2024-0581 was published Jan 16, 2024
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this... High Unreviewed
CVE-2023-52098 was published Jan 16, 2024
launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of... High Unreviewed
CVE-2023-52113 was published Jan 16, 2024
Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. ... High Unreviewed
CVE-2023-34061 was published Jan 12, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An... Moderate Unreviewed
CVE-2023-42941 was published Jan 11, 2024
CRI-O's pods can break out of resource confinement on cgroupv2 Moderate
CVE-2023-6476 was published for github.com/cri-o/cri-o (Go) Jan 10, 2024
Tal-or
Credited to Tal-or
quic-go's path validation mechanism can be exploited to cause denial of service Moderate
CVE-2023-49295 was published for github.com/quic-go/quic-go (Go) Jan 10, 2024
marten-seemann
Credited to marten-seemann
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified... Moderate Unreviewed
CVE-2024-0348 was published Jan 10, 2024
Microsoft ASP.NET Core project templates vulnerable to denial of service Moderate
CVE-2024-21319 was published for Microsoft.IdentityModel.JsonWebTokens (NuGet) Jan 9, 2024
aried3r
Credited to aried3r
Microsoft Message Queuing Denial of Service Vulnerability High Unreviewed
CVE-2024-20661 was published Jan 9, 2024
.NET Core and Visual Studio Denial of Service Vulnerability High Unreviewed
CVE-2024-20672 was published Jan 9, 2024
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation... Moderate Unreviewed
CVE-2024-22164 was published Jan 9, 2024
XWiki vulnerable to Denial of Service attack through attachments High
CVE-2024-21651 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) Jan 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database